[afnog] syslog levels

Scott Weeks surfer at mauigateway.com
Mon Aug 6 18:35:46 UTC 2007



------- ingabireg at terracom.rw wrote: ---------------

I want to send log messages from my hosts to the central syslog server. I
can log everything by using *.*     @ xx.xx.xx.xx; this works, but I think it
will be too full of information to be of any real use.

I have seen that we have 7 levels but want to know the important one (with
enough details). Attached is a description of those levels.
-------------------------------------------------



I do this two ways.  First, I let *everything* go into the log file.  Then I look through it by getting rid of things I don't want to see (or have already taken care of) one at a time:

cat /var/log/mylog | egrep -v 'term1|term2|termN' | less

This shows me everything except the lines which contain term1, term2 or termN and I just keep adding terms until I have looked at everything in the file.  Later, you will find a lot of terms you rarely want to see and you can write a small shell script like this:

#! /bin/sh
cat /var/log/mylog | egrep -v 'term1|term2|term3' | less

Then you won't have to type the above every time.  You can call your shell script, say, "logwatch" and then all you have to do is go to the directory and type "./logwatch".  Be sure your permissions are set properly: "chmod u+x logwatch"


One more fun thing to do is watch stuff in real time:

tail -f /var/log/mylog | egrep -v 'term1|term2|term3'

Where the terms are things I don't want to see.  Having everything in the log, as someone mentioned earlier, allows you to go back to an error and look at it in context to other things happening.

scott
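
Added example, not part of Scott's message: the same exclude-what-you-have-already-reviewed approach with the terms kept in a file, guarded against the blank-line pitfall (an empty pattern matches every line, so with -v it would hide the whole log) and reporting how many lines each term suppresses. The function names, the ignore.txt file and the log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: exclusion-list log review. Paths, terms and log lines are constructed.

# Print usable patterns from FILE, dropping comments and blank lines.
# A blank line in a grep -f file matches every line, so with -v it hides the whole log.
clean_patterns() {
    grep -v -E -- '^[[:space:]]*(#|$)' "$1" || [ $? -eq 1 ]
}

# filter_log LOG PATTERNS: print the lines that match none of the patterns.
filter_log() {
    pats=$(clean_patterns "$2")
    if [ -z "$pats" ]; then
        cat -- "$1"                      # nothing to exclude: show everything
    else
        printf '%s\n' "$pats" | grep -v -E -f - -- "$1" || [ $? -eq 1 ]
    fi
}

# suppressed_counts LOG PATTERNS: "count<TAB>pattern" for each exclusion,
# so you can see how much each term hides before trusting it.
suppressed_counts() {
    clean_patterns "$2" | while IFS= read -r p; do
        n=$(grep -c -E -e "$p" -- "$1") || [ $? -eq 1 ]
        printf '%s\t%s\n' "$n" "$p"
    done
}

# Write a constructed sample log and exclusion file into directory $1.
make_sample() {
    cat > "$1/mylog" <<'EOF'
Aug  6 18:01:02 host1 sshd[811]: Accepted publickey for admin from 192.0.2.10
Aug  6 18:01:09 host1 CRON[902]: (root) CMD (run-parts /etc/cron.hourly)
Aug  6 18:02:30 host1 sshd[815]: Failed password for invalid user test from 198.51.100.7
Aug  6 18:03:00 host1 ntpd[400]: synchronized to 192.0.2.1
Aug  6 18:03:44 host1 kernel: eth0: link down
EOF
    cat > "$1/ignore.txt" <<'EOF'
# routine noise already reviewed
CRON\[
ntpd\[.*synchronized

EOF
}

demo_dir=$(mktemp -d) && make_sample "$demo_dir" &&
    filter_log "$demo_dir/mylog" "$demo_dir/ignore.txt" &&
    suppressed_counts "$demo_dir/mylog" "$demo_dir/ignore.txt"
rm -rf "$demo_dir"
```

Anchoring a term to the program tag (CRON\[ rather than plain CRON) keeps an exclusion from also hiding unrelated lines that merely mention the word.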





























