[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Logging to Syslog
I am trying to send the firewall logs to syslog but this is not working for me. Does anybody have any other recommendations? All that logged over a 24 hour period when issuing $FWDIR/bin/fw log -f 2>>/var/adm/messages | /bin/logger -p local5.info > /dev/null 2>&1 & was what is attached below, while log viewer had hundreds of entries. FireWall-1 Log File was switched on 5Sep2001 20:38:26 FireWall-1 Log File was switched on 5Sep2001 20:42:58 Sep 6 03:00:00 fire adm: Sep 6 03:00:00 fire last message repeated 4 times Sep 6 03:00:00 fire adm: ********** SYSTEM ACCOUNTING STARTED Thu Sep 6 03:00:00 CDT 2001 ********** Sep 6 03:00:00 fire adm: Sep 6 03:00:00 fire last message repeated 4 times Sep 6 03:00:02 fire adm: ********** SYSTEM ACCOUNTING COMPLETED Thu Sep 6 03:00:02 CDT 2001 ********** www.phoneboy.com Logging to Syslog? Q: How can I make FireWall-1 log to my syslog server? A: To log specific events to syslog, I use 'User-Defined' logging for this. My user-defined program (defined in the Rulebase Properties, Logging and Alerting tab) is "/usr/ucb/logger -p daemon.notice". Another alternative is to log everything to syslog. Rickard Cedergren says he runs the following on his system and it logs everything that comes in to syslog. $FWDIR/bin/fw log -f 2>>/var/adm/fw-log.log | /bin/logger -p local5.info > /dev/null 2>&1 & This command runs in the background and logs everything to syslog. Note that it might be best to put this into a boot script after FireWall-1 loads so that everything is dumped to syslog. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|