修改配置文件/etc/sysconfig/syslog
[root@alicia ~]# vi /etc/sysconfig/syslog
1 # Options to syslogd
2 # -m 0 disables 'MARK' messages.
3 # -r enables logging from remote machines
4 # -x disables DNS lookups on messages recieved with -r
5 # See syslogd(8) for more details
6 #SYSLOGD_OPTIONS="-m 0"
7 SYSLOGD_OPTIONS="-r -x -m 0" #-r表示允许接收外来的消息,-x表示不解析DNS, #-m 0表示时间戳标记间隔
[root@alicia ~]# vi /etc/syslog.conf [root@hding ~]# vi /etc/syslog.conf
34 syslog.info;syslog.!err;syslog.!crit;syslog.!alert /var/log/mylog
35 syslog.err /var/log/testerror
[root@alicia ~]# service syslog restart
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
[root@alicia ~]# tail -F /var/log/messages
7:51" fw=10.8.117.45 pri=6 c=1024 m=537 msg="Connection Closed" app=5183 sess=None n=14539 src=192.168.10.13:53294:X1 dst=8.8.8.8:53:X1 proto=udp/dns sent=58 spkt=1 cdur=30416 vpnpolicy="remote"7:51" fw=10.8.117.45 pri=6 c=1024 m=537 msg="Connection Closed" app=5183 sess=None n=14539 src=192.168.10.13:53294:X1 dst=8.8.8.8:53:X1 proto=udp/dns sent=58 spkt=1 cdur=30416 vpnpolicy="remote"