How to store/redirect Syslogs to a custom file #151

Open
wants to merge 1 commit into
base: main
41 changes: 41 additions & 0 deletions GJ sudo
@@ -0,0 +1,41 @@
How to Store/redirect syslogs to a custom file
--------------------------------------------------------step#1-------------------------------------------------------------------------------------------
first of all create a file with the name of sysmon.log at /var/log destination
as,
----------> touch /var/log/sysmon.log file will be created
--------------------------------------------------------step#2--------------------------------------------------------------------------------------------
after that create a new configuration file in rsyslog.d
for creating this file we need the root privilege

for root privilege:
----------> sudo su -
now create the configuration file,
--------------------------------------------------------step#3--------------------------------------------------------------------------------------------
---------> touch /etc/rsyslog.d/00_sysmon.conf
file will be created with the name of "00_sysmon.conf"

now add the script in this configuration file, which is;
--------------------------------------------------------step#4--------------------------------------------------------------------------------------------
--------> # copy to /etc/rsyslog.d/00_sysmon.conf
if ( $programname == "sysmon" ) then {
action(type="omfile" file="/var/log/sysmon.log" flushOnTXEnd="on")
stop
}

---------> save and exit ctrl+o save and ctrl+x to exit back to the terminal
--------------------------------------------------------step#5--------------------------------------------------------------------------------------------
after writing this script give the permissions to sysmon.log files as,

sudo chgrp syslog /var/sysmon.log
sudo chmod 664 /var/sysmon.log

--------------------------------------------------------step#6--------------------------------------------------------------------------------------------
after givin these permissions;
must restart,
-------> sudo systemctl restart rsyslog

your after restarting your system, check the sysmon.log

tail -f /var/log/sysmon.log this is continously executeable for stopping ctrl+z
or
car -f /var/log/sysmon.log
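
Review bot: Step 5 runs `chgrp` and `chmod` on `/var/sysmon.log`, but step 1 creates the file at `/var/log/sysmon.log` and the omfile action in step 4 writes there, so both commands fail on a missing path and the permissions are never applied to the real log; change both to `/var/log/sysmon.log`. While there, mode 664 leaves the log readable by every local user; 660 keeps the group write that the `chgrp syslog` line is granting without the world-read bit. Step 1's `touch /var/log/sysmon.log` comes before the `sudo su -` in step 2 and will be denied for a normal user, so move the root step first or prefix it with `sudo`. In step 6, Ctrl+Z only suspends `tail -f` and leaves a stopped job behind (Ctrl+C ends it), and `car -f` on the last line looks like a typo; `cat` has no follow option, so that alternative can be dropped.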