The OnBoard appliance includes syslog-ng, which can be configured through either the Web Manager or the cycli utility to filter log messages sent by system daemons (such as messages from the cron daemon, crond) and by connected devices. By default, the /etc/syslog/syslog-ng.conf file monitors messages from the following two files:
• Notifications can be configured to be sent to an OnBoard appliance administrator by one of the following methods:
• syslog-ng allows administrators to set up additional alarm triggers to filter messages based on the messages’ facility, level or contents.

    function('one_or_more_criteria_connected_by_operators');
    match('regular_expression_matching_a_text_string');

The following example shows the two match functions filtering for logins and excluding messages that have the username francisco; the functions are connected by the not operator.

See the syslog-ng v1.6 reference manual at http://www.balabit.com/products/syslog-ng/reference-1.6/syslog-ng.html/index.html#filterfunc for more information.
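
A filter of the kind described above, combined with a facility and level filter, written as an added example in syslog-ng 1.6 syntax (it is not taken from the OnBoard documentation). The source, filter and destination names and the log file path are assumptions.

```conf
# Added example. The names s_local, f_login_alarm, f_auth_warn and
# d_login_alarm, and the file path, are assumptions, not OnBoard defaults.

# Local messages from system daemons plus syslog-ng's own internal messages.
source s_local { unix-stream("/dev/log"); internal(); };

# Content filter: messages that mention a login, excluding any message that
# contains the string "francisco". match() is an unanchored regular
# expression over the message text, so the exclusion also drops messages
# that only mention that string, such as a failed login for a different
# account reported from a host called francisco-pc.
filter f_login_alarm { match("[Ll]ogin") and not match("francisco"); };

# Facility and level filter: authentication messages at warning or above.
filter f_auth_warn { facility(auth, authpriv) and level(warning..emerg); };

# Alarm log readable by its owner only.
destination d_login_alarm { file("/var/log/login-alarms.log" perm(0600)); };

# A message must pass both filters to reach the destination.
log {
    source(s_local);
    filter(f_login_alarm);
    filter(f_auth_warn);
    destination(d_login_alarm);
};
```

Because the exclusion is a substring match, keep the excluded pattern as narrow as possible so that it does not hide unrelated login events from the alarm log.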