Date: Wed, 30 Oct 2002 20:06:01 +0200 From: Paulius Bulotas <paulius@kaktusas.org> To: freebsd-questions@freebsd.org Subject: Re: processing ipfw's /var/log/security file Message-ID: <20021030180601.GA47049@kaktusas.org> In-Reply-To: <20021029111620.A45326@badger.tltodd.com> References: <20021029111620.A45326@badger.tltodd.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Terry,
On 02 10 29, Terry Todd wrote:
> I'm using ipfw and am looking for something to process
> /var/log/security(.*.gz) with.
/var/log/security is not for ipfw only, it's for messages with priority
security. you can filter ipfw output with syslog configuration:
!ipfw
*.* /var/log/ipfw/ipfw.log
in /etc/syslog.conf
or using syslogd patch which was not so long ago posted to some mailing
list:
!-ipfw
*.* /var/log/messages
!ipfw
*.* /var/log/ipfw/ipfw.log
^ that's all syslogd configuration ;)
And to answer your question, I don't know anything to process ipfw's
logs (and maybe put them into mysql), but someday I will write something
;) [maybe ;]
> Even a program that would convert the "last message repeated * times"
> line to lines that could be counted in a piped command stream
> would be useful.
man syslogd:
-c Disable the compression of repeated instances of the same line
into a single line of the form ``last message repeated N
times'' when the output is a pipe to another program.
If specified twice, disable this compression in all cases.
Paulius
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021030180601.GA47049>