Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Quieting down /var/log/messages 1

Status
Not open for further replies.
Yrrk

Yrrk

IS-IT--Management
Aug 22, 2004
180
US
Due to the fact that our network group kills idle connections after 10 minutes, I get a lot of this in /var/log/messages when I stay logged in..

Anyone know how to prevent this level of logging?

Code: 
Jul 31 09:00:01 ps-sm-poly3u-10 crond(pam_unix)[5205]: session opened for user root by (uid=0)
Jul 31 09:00:01 ps-sm-poly3u-10 crond(pam_unix)[5205]: session closed for user root
Jul 31 09:01:01 ps-sm-poly3u-10 crond(pam_unix)[5208]: session opened for user root by (uid=0)
Jul 31 09:01:01 ps-sm-poly3u-10 crond(pam_unix)[5208]: session closed for user root
Jul 31 09:10:01 ps-sm-poly3u-10 crond(pam_unix)[5210]: session opened for user root by (uid=0)
Jul 31 09:10:01 ps-sm-poly3u-10 crond(pam_unix)[5210]: session closed for user root
Jul 31 09:20:01 ps-sm-poly3u-10 crond(pam_unix)[5213]: session opened for user root by (uid=0)
Jul 31 09:20:01 ps-sm-poly3u-10 crond(pam_unix)[5213]: session closed for user root
Jul 31 09:30:01 ps-sm-poly3u-10 crond(pam_unix)[5216]: session opened for user root by (uid=0)
Jul 31 09:30:01 ps-sm-poly3u-10 crond(pam_unix)[5216]: session closed for user root
 
Sort by date Sort by votes
Edit syslog.conf and have cron.none go to /var/log/messages.
 
Upvote 0 Downvote
Thats seems to already be the default..
 
Upvote 0 Downvote
Syslog dosn't have much room for adjustments,
you basicaly select what to log, and where to put it.
Maby you should try to upgrade to syslog-ng.
It has a filtering function that lets you easely filter
out messages with regexp.



You can even log to a MySQL-database and view it in a
browser with Apache. Like this:


 
Upvote 0 Downvote
It's actually the auth facility that you need to adjust to quieten those messages. We usually change these lines:

[tt]# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages[/tt]

to:

[tt]# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;auth.!=debug;auth.!=info;authpriv.none;cron.none /var/log/messages

# Log auth messages elsewhere
auth.* /var/log/auth[/tt]

That keeps the auth stuff separate so you can see the wood for the trees in /var/log/messages, but still retains an audit trail for auth. Remember to set up log rotation for /var/log/auth if you choose to do this as it can get pretty big.

Annihilannic.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

donald lepariku
  • Locked
  • Question
Error: 694, Severity: 24, State: 10 An attempt was made to read logical page '153', virtpage '616' f 1
Replies
3
Views
585
spamjim
spamjim
webamol
  • Locked
  • Question
Apache with mod jk maintenance page when tomcat goes down
Replies
7
Views
468
webamol
webamol
jimktrains
  • Locked
  • Question
RHEL 7 limit user logins
Replies
0
Views
262
jimktrains
jimktrains
RedLinux
  • Locked
  • Question
Login session issues with HTTP headers
Replies
0
Views
263
RedLinux
RedLinux
ChrisRChamberlain
  • Locked
  • Question
How to access /var/www/www.mysite.com/htdocs from home folder
Replies
2
Views
209
ChrisRChamberlain
ChrisRChamberlain

Part and Inventory Search

Sponsor

Back
Top