build:logging
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
build:logging [2005/03/04 11:03] 66.128.107.163 |
build:logging [2018/05/28 02:10] (current) SLUUG Administration [logrotate.conf] |
||
|---|---|---|---|
| Line 11: | Line 11: | ||
| Installed as the default Debian logging setup. | Installed as the default Debian logging setup. | ||
| + | |||
| + | ==== /etc/klogd/default ==== | ||
| + | |||
| + | Change KLOGD line to read: | ||
| + | <file> | ||
| + | KLOGD="-c 5" | ||
| + | </file> | ||
| + | to turn off console messages for lower priority messages. | ||
| + | |||
| + | Technically, we should be changing the ''kernel.printk'' line in ''/etc/sysctl.conf'' instead, but that has not yet been tested. | ||
| + | |||
| + | |||
| + | ==== logrotate.conf ==== | ||
| + | |||
| + | Edit ''/etc/logrotate.conf'' to change the ''rotate'' option for ''/var/log/wtmp'' from ''1'' to ''25'', and ''/var/log/btmp'' from ''1'' to ''13''. | ||
| + | |||
| + | === Later changes and corrections === | ||
| + | |||
| + | Add option ''dateext'' to change the naming convention of adding | ||
| + | generation numbers ".1", ".2", etc. to the "-yyyymmdd" format. | ||
| + | Also manually rename all existing log files to the new format. | ||
| + | Note this is the default in later releases. | ||
| + | |||
| + | Fix incorrect permissions for the ''/var/log/btmp'' entry | ||
| + | from ''0660'' to ''0600''. | ||
| + | Also chmod existing files to make the same change. | ||
| + | This is a well known bug fixed in later releases, but should be verified. | ||
| ==== syslog.conf ==== | ==== syslog.conf ==== | ||
| + | Everything at level of info other than kern.info and mail.info goes to /var/log/messages. That was accomplished with: | ||
| + | |||
| + | news.info;daemon.info;\ | ||
| + | auth.info;authpriv.info;\ | ||
| + | cron.info;syslog.info;\ | ||
| + | user.info -/var/log/messages | ||
| + | |||
| + | |||
| + | OLD: | ||
| # /etc/syslog.conf Configuration file for syslogd. | # /etc/syslog.conf Configuration file for syslogd. | ||
| # | # | ||
| Line 83: | Line 119: | ||
| *.=debug;*.=info;\ | *.=debug;*.=info;\ | ||
| *.=notice;*.=warn |/dev/xconsole | *.=notice;*.=warn |/dev/xconsole | ||
| + | ===== Reporting ===== | ||
| - | ===== System Changes ===== | + | ===== TODO ===== |
| - | //Please post changes here in the format of: [H4] date|your name [/H4] [CR]description of chages made// | + | |
| - | === Feburary 19 2005 | Install Group === | + | * Setup daily system checks such as |
| - | Initial instalation of default Debian logging. | + | - Root Kit Hunter http://www.rootkit.nl/projects/rootkit_hunter.html |
| + | - logwatch http://www2.logwatch.org:81/ | ||
| + | - ckrootkit http://www.chkrootkit.org/ | ||
| - | ===== TODO ===== | ||
| - | * Setup daily system checks such as Root Kit Hunter | ||
| * Enable tripwire | * Enable tripwire | ||
| * Determine what admins are to recieve daily log reports | * Determine what admins are to recieve daily log reports | ||
| - | |||
| ===== Credits ===== | ===== Credits ===== | ||
| + | |||
build/logging.1109955813.txt.gz · Last modified: 2005/03/04 14:55 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
