On 2/27/06, Lance Davis <lance at uklinux.net> wrote: > On Mon, 27 Feb 2006, Keith Morse wrote: > > > Dave wrote: > > > I have a cisco router sending syslog messages to a linux server. I've > > > been looking around on how to log those into a separate file and I've > > > run across using local7 in various howtos. It looks like you can have > > > 8 different local log settings, but I can't seem to find any docs on > > > how to set those up. Anyone have a howto on that? > > > > > > > My best suggestion is to take a look at syslog-ng for parsing this out. > > Takes a bit to get the syntax right but well worth it. > > The syslog that comes with CentOS is quite capable of dealing with local7 > .... > > try man syslog.conf > > something as simple as :- > > local7.* /var/log/cisco.log > > Should do the trick. > > Also you have to make sure that the server is setup to receive remote > syslog - you need to add a -r switch in /etc/sysconfig/syslog (it is > documented in there ) , restart syslog, and make > sure that port 514 udp is accessible to the host that is logging. Sorry about the delay, only two techs here of which one is my boss. It looks like /etc/syslog.conf already has a local7 defined. It's using it for the boot messages. I did take a look at the man pages, but I only saw a reference that local0 - 7 can be logged. I'm not exactly sure what or how to set up those local logs. What, who and where is local7 or any of the locals defined?