[Semibug] OpenBSD Custom Syslog entry

Mark Moellering markmoellering at psyberation.com
Fri Apr 17 16:26:19 EDT 2020


I am trying to get a custom syslog entry for events from pf. Right now, 
events are being written to /var/log/messages.  I can't figure out why 
they aren't being written to /var/log/local7.  I have read through the 
man pages, can't figure out what I am missing...

the run file has the command that writes to syslog.  syslog.conf is my 
current file.  I am on the latest version of OpenBSD (6.6)


Thanks


Mark

-------------- next part --------------
#!/bin/sh
exec /usr/bin/logger -p local7.notice -i -t pf2syslog
-------------- next part --------------
#	$OpenBSD: syslog.conf,v 1.20 2016/12/27 13:38:14 jca Exp $
#


*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	/var/log/messages
kern.debug;syslog,user.info				/var/log/messages
auth.info						/var/log/authlog
authpriv.debug						/var/log/secure
cron.info						/var/cron/log
daemon.info						/var/log/daemon
ftp.info						/var/log/xferlog
lpr.debug						/var/log/lpd-errs
mail.info						/var/log/maillog


local7.*                                                /var/log/local7
# Uncomment this line to send "important" messages to the system
# console: be aware that this could create lots of output.
#*.err;auth.notice;authpriv.none;kern.debug;mail.crit	/dev/console

# Uncomment this to have all messages of notice level and higher
# as well as all authentication messages sent to root.
#*.notice;auth.debug					root

# Everyone gets emergency messages.
#*.emerg							*

# Uncomment to log to a central host named "loghost".  You need to run
# syslogd with the -u option on the remote host if you are using this.
# (This is also required to log info from things like routers and
# ISDN-equipment).  If you run -u, you are vulnerable to syslog bombing,
# and should consider blocking external syslog packets.
#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	@loghost
#auth,daemon,syslog,user.info;authpriv,kern.debug		@loghost

# Uncomment to log messages from doas(1) to its own log file.  Matches are done
# based on the program name.
# Program-specific logs:
!pf2syslog
*.*							/var/log/pf2syslog

!svscan
*.*                                                     /var/log/svscan



More information about the Semibug mailing list