HOWTO vixie-cron notes: Difference between revisions

From Research
Jump to navigation Jump to search
No edit summary
No edit summary
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
=Reducing '''/var/log/messages''' Clutter=
On a '''hardened''' gentoo machine, the main /var/log/messages file becomes hugely cluttered with the minute-by-minute cron messages.  They are far too verbose :-(  Cut down on the clutter by editing and adding the red/bold change:
On a '''hardened''' gentoo machine, the main /var/log/messages file becomes hugely cluttered with the minute-by-minute cron messages.  They are far too verbose :-(  Cut down on the clutter by editing and adding the red/bold change:


  <font color=red>hostname</font> <font color=blue>~ #</font> '''emacs -nw /etc/syslog-ng/syslog-ng.conf'''
  <font color=red>hostname</font> <font color=blue>~ #</font> '''emacs -nw /etc/syslog-ng/syslog-ng.conf'''
   
   
filter f_auth { facility(auth); };
filter f_authpriv { facility(auth, authpriv); };
filter f_syslog { not facility(authpriv, mail); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_uucp { facility(uucp); };
#filter f_ppp { facility(ppp); };
filter f_news { facility(news); };
filter f_debug { not facility(auth, authpriv, news, mail); };
  filter f_messages { level(info..warn)
  filter f_messages { level(info..warn)
         and not facility(auth, authpriv, mail, news, <font color=red>'''cron'''</font>); };
         and not facility(auth, authpriv, mail, news, <font color=red>'''cron'''</font>); };
filter f_emergency { level(emerg); };


Minute-by-minute cron messages are still logged, but only to /var/log/cron.log, '''not''' the main /var/log/messages file.  Sanity is restored :-)
Minute-by-minute cron messages are still logged, but only to /var/log/cron.log, '''not''' the main /var/log/messages file.  Sanity is restored :-)
<hr>
<hr>
For Reference, here are a number of example syslog-ng.conf files:
For Reference, here are a couple of example syslog-ng.conf files:


[[Typical hardened syslog-ng.conf]]
[[Typical hardened syslog-ng.conf]]
[[Typical server syslog-ng.conf]]


[[Typical workstation syslog-ng.conf]]
[[Typical workstation syslog-ng.conf]]
<br>
<br>
=Gentoo Daily Sync=
Add these lines to your /etc/crontab file:
# Every morning at 1:18am (randomly chosen!) I sync with a gentoo mirror
18 1  * * *      root  /usr/bin/emerge --sync > /dev/null 2>&1 ; prelink -amvfR > /dev/null 2>&1
If you admin several servers, watch out that you don't exceed your rsync-server maximum connection limit!  Stagger the sync-times amongst your machines, to spread the load.<br>
The '''prelink''' portion is really only useful for a workstation; omit for a server.

Latest revision as of 19:22, 8 February 2008

Reducing /var/log/messages Clutter

On a hardened gentoo machine, the main /var/log/messages file becomes hugely cluttered with the minute-by-minute cron messages. They are far too verbose :-( Cut down on the clutter by editing and adding the red/bold change:

hostname ~ # emacs -nw /etc/syslog-ng/syslog-ng.conf

filter f_auth { facility(auth); };
filter f_authpriv { facility(auth, authpriv); };
filter f_syslog { not facility(authpriv, mail); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_uucp { facility(uucp); };
#filter f_ppp { facility(ppp); };
filter f_news { facility(news); };
filter f_debug { not facility(auth, authpriv, news, mail); };
filter f_messages { level(info..warn)
        and not facility(auth, authpriv, mail, news, cron); };
filter f_emergency { level(emerg); };

Minute-by-minute cron messages are still logged, but only to /var/log/cron.log, not the main /var/log/messages file. Sanity is restored :-)


For Reference, here are a couple of example syslog-ng.conf files:

Typical hardened syslog-ng.conf

Typical workstation syslog-ng.conf

Gentoo Daily Sync

Add these lines to your /etc/crontab file:

# Every morning at 1:18am (randomly chosen!) I sync with a gentoo mirror
18 1  * * *      root   /usr/bin/emerge --sync > /dev/null 2>&1 ; prelink -amvfR > /dev/null 2>&1

If you admin several servers, watch out that you don't exceed your rsync-server maximum connection limit! Stagger the sync-times amongst your machines, to spread the load.
The prelink portion is really only useful for a workstation; omit for a server.