Comments on: Log iptables Messages to a Separate File with rsyslog http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/ tech, politics, etc. Mon, 30 Jan 2012 20:31:47 +0000 hourly 1 http://wordpress.org/?v=3.1.2 By: the sign of four pdf http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-22025 the sign of four pdf Fri, 13 Jan 2012 09:30:24 +0000 http://blog.shadypixel.com/?p=269#comment-22025 <strong>the sign of four pdf...</strong> [...]Log iptables Messages to a Separate File with rsyslog | Random Bits[...]... the sign of four pdf…

[...]Log iptables Messages to a Separate File with rsyslog | Random Bits[...]…

]]> By: sb http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-15697 sb Fri, 07 Oct 2011 05:23:43 +0000 http://blog.shadypixel.com/?p=269#comment-15697 Hi, Thanks for a good and helpful tutorial. I've got one question I was hoping you might be able to answer. I keep getting error messages when i use filters, and I am wondering wether it can be due to a module not being loaded. Did you load specific modules before implementing the filtering? Hi,

Thanks for a good and helpful tutorial.

I’ve got one question I was hoping you might be able to answer. I keep getting error messages when i use filters, and I am wondering wether it can be due to a module not being loaded.

Did you load specific modules before implementing the filtering?

]]> By: John Smith http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-14621 John Smith Mon, 05 Sep 2011 16:55:06 +0000 http://blog.shadypixel.com/?p=269#comment-14621 Try "dmesg -n5" Try “dmesg -n5″

]]> By: iptables loglarını farklı dosyaya ayrıştırma senaryosu - Murat Özalp http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-13469 iptables loglarını farklı dosyaya ayrıştırma senaryosu - Murat Özalp Fri, 22 Jul 2011 10:09:52 +0000 http://blog.shadypixel.com/?p=269#comment-13469 [...] kaynak: http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/ Linux, Sunucu iptables, Linux, logrotate, rsyslog, [...] [...] kaynak: http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/ Linux, Sunucu iptables, Linux, logrotate, rsyslog, [...]

]]> By: Сексшоп, интим магазин http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-12501 Сексшоп, интим магазин Sun, 19 Jun 2011 04:22:16 +0000 http://blog.shadypixel.com/?p=269#comment-12501 <a href="http://www.uralintim.ru" rel="nofollow"></a>

]]> By: WoLf http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-10448 WoLf Tue, 22 Mar 2011 17:07:07 +0000 http://blog.shadypixel.com/?p=269#comment-10448 You might want to add a number to the conf file in rsyslog.d and have it load before the other rules. in example /etc/rsyslog.d/30-iptables.conf is a safe guess for basic ubuntu systems. You might want to add a number to the conf file in rsyslog.d and have it load before the other rules.
in example /etc/rsyslog.d/30-iptables.conf is a safe guess for basic ubuntu systems.

]]> By: Log iptables Messages to a Separate File with rsyslog http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-8666 Log iptables Messages to a Separate File with rsyslog Fri, 14 Jan 2011 21:01:05 +0000 http://blog.shadypixel.com/?p=269#comment-8666 [...] to original source: http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/ Cancel [...] [...] to original source: http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/ Cancel [...]

]]> By: R Duke http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-8017 R Duke Mon, 13 Dec 2010 14:57:54 +0000 http://blog.shadypixel.com/?p=269#comment-8017 Thanks for this nice tip. I also had the timestamp problem, so now I have added a regex rule: :msg, startswith, "ipt: " -/var/log/iptables.log & ~ :msg, regex, "^\[ *[0-9]*\.[0-9]*\] ipt: " -/var/log/iptables.log & ~ However, the messages still also go to dmesg (the command). Would like to remove them from there as well. Thanks for this nice tip. I also had the timestamp problem, so now I have added a regex rule:

:msg, startswith, “ipt: ” -/var/log/iptables.log
& ~
:msg, regex, “^\[ *[0-9]*\.[0-9]*\] ipt: ” -/var/log/iptables.log
& ~

However, the messages still also go to dmesg (the command). Would like to remove them from there as well.

]]> By: btmorex http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-3443 btmorex Sun, 08 Nov 2009 21:14:35 +0000 http://blog.shadypixel.com/?p=269#comment-3443 The advantage of rsyslog is that you're probably already using it and you can't really run a linux system with out some sort of syslog daemon. ulogd might make sense on a dedicated firewall, but it's sort of ridiculous to have to run a completely separate daemon just to log iptables on a workstation. The advantage of rsyslog is that you’re probably already using it and you can’t really run a linux system with out some sort of syslog daemon. ulogd might make sense on a dedicated firewall, but it’s sort of ridiculous to have to run a completely separate daemon just to log iptables on a workstation.

]]> By: Anonymous http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/#comment-3441 Anonymous Sun, 08 Nov 2009 17:42:24 +0000 http://blog.shadypixel.com/?p=269#comment-3441 Or you could skip rsyslog all together, and use ULOGD and the ULOG target. More flexibility this way - send the logs to a file, or a database. No issues with filtering, and you can use as many prefixes as you want without having to reconfigure rsyslog. Or you could skip rsyslog all together, and use ULOGD and the ULOG target. More flexibility this way – send the logs to a file, or a database. No issues with filtering, and you can use as many prefixes as you want without having to reconfigure rsyslog.

]]>