[grsec] Message logs
Guillaume Castagnino
guilc at laposte.net
Mon Aug 15 09:24:44 EDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
John Logsdon wrote:
> I have syslog-ng filtering out my grsec logs to /var/log/grsec/grsec.log -
> with log rotation etc. Console logs can be views over VNC via the
> engineering port but I want to see them in real files as well.
>
> But I notice that the logs are not written immediately - certainly the
> VNC output is reasonably quick so if I was crouching on the floor by the
> server, I would get them immediately.
>
> In particular, I seem to need to restart syslog-ng to flush the
> information out then it gets written with the wrong time stamp.
Have you put "sync(0);" in your "options" section of syslog-ng.conf ?
With sync(0) syslog flush logs every line. Default is higher.
See : http://www.campin.net/syslog-ng/faq.html
> What conf settings can I use for my syslog-ng.conf file so that
> messages are written to disk the instant they are received?
>
> Add sync(0) to your config file.
>
> options { sync(0); };
- --
Guillaume Castagnino
guilc at laposte.net / casta at xwing.info
GnuPG/PGP key :
http://wwwkeys.pgp.net:11371/pks/lookup?op=vindex&fingerprint=on&search=0x8AF468AF
Fingerprint : CD52 FE40 9592 BA1E E89D 5FB6 820E 4742 8AF4 68AF
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDAJecgg5HQor0aK8RAgikAJ0Q75AETBBx8zgDUugCyyxIPMZhDACeJKl7
2mujV2OuEgZiExAQ8h1y/IE=
=L/Ct
-----END PGP SIGNATURE-----
More information about the grsecurity
mailing list