[Semibug] OpenBSD Custom Syslog entry

Josh Grosse josh at jggimi.net
Fri Apr 17 18:55:19 EDT 2020


On Fri, Apr 17, 2020 at 04:26:19PM -0400, Mark Moellering wrote:
> I am trying to get a custom syslog entry for events from pf. Right now,
> events are being written to /var/log/messages.?? I can't figure out why they
> aren't being written to /var/log/local7.?? I have read through the man
> pages, can't figure out what I am missing...
> 
> the run file has the command that writes to syslog.?? syslog.conf is my
> current file.?? I am on the latest version of OpenBSD (6.6)
> 
[...]
 
> #!/bin/sh
> exec /usr/bin/logger -p local7.notice -i -t pf2syslog

The "-t <tag>" is only a text field that is colon and space separated
from the message.  e.g.: 

$ logger -p ftp.info -t hi this is a test

adds a line like this to /var/log/xferlog:

---
Apr 17 18:39:53 x220 hi: this is a test
---

The "!prog" tag lines requires the compiled binary executable be named.  Shell
scripts, python programs, Perl, awk, are not compiled binaries.  Be certain your
programs are compiled executables.  Utilities like top(1) and ps(1) may
help you ensure they are named correctly. 



More information about the Semibug mailing list