HOWTO vixie-cron notes: Difference between revisions
No edit summary |
No edit summary |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=Reducing '''/var/log/messages''' Clutter= | |||
On a '''hardened''' gentoo machine, the main /var/log/messages file becomes hugely cluttered with the minute-by-minute cron messages. They are far too verbose :-( Cut down on the clutter by editing and adding the red/bold change: | On a '''hardened''' gentoo machine, the main /var/log/messages file becomes hugely cluttered with the minute-by-minute cron messages. They are far too verbose :-( Cut down on the clutter by editing and adding the red/bold change: | ||
<font color=red>hostname</font> <font color=blue>~ #</font> '''emacs -nw /etc/syslog-ng/syslog-ng.conf''' | <font color=red>hostname</font> <font color=blue>~ #</font> '''emacs -nw /etc/syslog-ng/syslog-ng.conf''' | ||
filter f_auth { facility(auth); }; | |||
filter f_authpriv { facility(auth, authpriv); }; | |||
filter f_syslog { not facility(authpriv, mail); }; | |||
filter f_cron { facility(cron); }; | |||
filter f_daemon { facility(daemon); }; | |||
filter f_kern { facility(kern); }; | |||
filter f_lpr { facility(lpr); }; | |||
filter f_mail { facility(mail); }; | |||
filter f_user { facility(user); }; | |||
filter f_uucp { facility(uucp); }; | |||
#filter f_ppp { facility(ppp); }; | |||
filter f_news { facility(news); }; | |||
filter f_debug { not facility(auth, authpriv, news, mail); }; | |||
filter f_messages { level(info..warn) | filter f_messages { level(info..warn) | ||
and not facility(auth, authpriv, mail, news, <font color=red>'''cron'''</font>); }; | and not facility(auth, authpriv, mail, news, <font color=red>'''cron'''</font>); }; | ||
filter f_emergency { level(emerg); }; | |||
Minute-by-minute cron messages are still logged, but only to /var/log/cron.log, '''not''' the main /var/log/messages file. Sanity is restored :-) | Minute-by-minute cron messages are still logged, but only to /var/log/cron.log, '''not''' the main /var/log/messages file. Sanity is restored :-) | ||
<hr> | <hr> | ||
For Reference, here are a | For Reference, here are a couple of example syslog-ng.conf files: | ||
[[Typical hardened syslog-ng.conf]] | [[Typical hardened syslog-ng.conf]] | ||
[[Typical workstation syslog-ng.conf]] | [[Typical workstation syslog-ng.conf]] | ||
<br> | <br> | ||
=Gentoo Daily Sync= | |||
Add these lines to your /etc/crontab file: | |||
# Every morning at 1:18am (randomly chosen!) I sync with a gentoo mirror | |||
18 1 * * * root /usr/bin/emerge --sync > /dev/null 2>&1 ; prelink -amvfR > /dev/null 2>&1 | |||
If you admin several servers, watch out that you don't exceed your rsync-server maximum connection limit! Stagger the sync-times amongst your machines, to spread the load.<br> | |||
The '''prelink''' portion is really only useful for a workstation; omit for a server. |
Latest revision as of 19:22, 8 February 2008
Reducing /var/log/messages Clutter
On a hardened gentoo machine, the main /var/log/messages file becomes hugely cluttered with the minute-by-minute cron messages. They are far too verbose :-( Cut down on the clutter by editing and adding the red/bold change:
hostname ~ # emacs -nw /etc/syslog-ng/syslog-ng.conf filter f_auth { facility(auth); }; filter f_authpriv { facility(auth, authpriv); }; filter f_syslog { not facility(authpriv, mail); }; filter f_cron { facility(cron); }; filter f_daemon { facility(daemon); }; filter f_kern { facility(kern); }; filter f_lpr { facility(lpr); }; filter f_mail { facility(mail); }; filter f_user { facility(user); }; filter f_uucp { facility(uucp); }; #filter f_ppp { facility(ppp); }; filter f_news { facility(news); }; filter f_debug { not facility(auth, authpriv, news, mail); }; filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news, cron); }; filter f_emergency { level(emerg); };
Minute-by-minute cron messages are still logged, but only to /var/log/cron.log, not the main /var/log/messages file. Sanity is restored :-)
For Reference, here are a couple of example syslog-ng.conf files:
Typical hardened syslog-ng.conf
Typical workstation syslog-ng.conf
Gentoo Daily Sync
Add these lines to your /etc/crontab file:
# Every morning at 1:18am (randomly chosen!) I sync with a gentoo mirror 18 1 * * * root /usr/bin/emerge --sync > /dev/null 2>&1 ; prelink -amvfR > /dev/null 2>&1
If you admin several servers, watch out that you don't exceed your rsync-server maximum connection limit! Stagger the sync-times amongst your machines, to spread the load.
The prelink portion is really only useful for a workstation; omit for a server.