Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
348
Views
0
Helpful
1
Replies

content engine syslog on solaris

Go to solution
guffe
Level 1
Level 1

‎03-17-2004 12:55 PM - edited ‎03-02-2019 02:21 PM

HI There

I have a problem getting my Content Engine to syslog to cw2k lms on solaris 8. It works when i delete all the cw2k installed entry in the syslog.conf and replace it with *.debug. So my CE send the syslog to cw2k, any idea why i have to delete the cw2k specific entry and replace it with *.debug

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bjellig
Level 1
Level 1

‎03-18-2004 09:48 AM

It sounds like the message is coming in with an unexpected facility.

When syslogd receives a message, it checks the incoming facility and severity against entries in /etc/syslog.conf. When it finds a match, it sends the message to the destination (a local file, a remote collector, etc.) Entries follow this format:

facility.severity destination

Cisco Works adds an entry of:

local7.info /var/log/syslog_info

which means that any message with a facility EXACTLY matching local7 and a severity of info(rmational) or higher (everything except debug) will be appended to /var/log/syslog_info

*.debug will match ANY facility and ANY severity.

You should either:

1) configure the content engine to send messages using local7 facility, and use the default CW2k entry in /etc/syslog.conf

or

2) determine the facility used by the content engine and add an explicit line in the /etc/syslog.conf for those message types, keeping the cw2k entry as well, like this:

local7.info /var/log/syslog_info

local5.info /var/log/syslog_info (replace "local5" with the appropriate facility from the C.E.)

To discover the facility from the C.E., you can set up a temporary syslog server on a PC using a free syslog server, like Kiwi Syslog (http://www.kiwisyslog.com). Point the content engine to the PC and generate a message, then look at the "priority" column to find the facility.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
bjellig
Level 1
Level 1

‎03-18-2004 09:48 AM

It sounds like the message is coming in with an unexpected facility.

When syslogd receives a message, it checks the incoming facility and severity against entries in /etc/syslog.conf. When it finds a match, it sends the message to the destination (a local file, a remote collector, etc.) Entries follow this format:

facility.severity destination

Cisco Works adds an entry of:

local7.info /var/log/syslog_info

which means that any message with a facility EXACTLY matching local7 and a severity of info(rmational) or higher (everything except debug) will be appended to /var/log/syslog_info

*.debug will match ANY facility and ANY severity.

You should either:

1) configure the content engine to send messages using local7 facility, and use the default CW2k entry in /etc/syslog.conf

or

2) determine the facility used by the content engine and add an explicit line in the /etc/syslog.conf for those message types, keeping the cw2k entry as well, like this:

local7.info /var/log/syslog_info

local5.info /var/log/syslog_info (replace "local5" with the appropriate facility from the C.E.)

To discover the facility from the C.E., you can set up a temporary syslog server on a PC using a free syslog server, like Kiwi Syslog (http://www.kiwisyslog.com). Point the content engine to the PC and generate a message, then look at the "priority" column to find the facility.

0 Helpful
Customers Also Viewed These Support Documents