Arvy
Reputation: 1212
Filter syslog messages
On Syslog, how can I filter all messages from "suexec"?
My syslog has zillions of messages like this:
Nov 24 09:44:40 juno suexec[20253]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
Nov 24 09:44:49 juno suexec[20271]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
Nov 24 09:44:56 juno suexec[20284]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
Nov 24 09:45:07 juno suexec[20785]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
It's a cPanel server on CentOS 7.
Thank you.
Upvotes: 0
Views: 401
Answers (1)
Bogdan Stoica
Reputation: 4529
These could be considered as a good read:
I think you might need to create a filter specifically for rsyslog in order to save the suexec messages to a file instead of being displayed to syslog
Upvotes: 0
Related Questions
- Understanding syslogd
- How to do advanced filtering of Monolog messages in Symfony?
- c/c++ syslog to custom file (not /var/log/syslog but /var/log/mylog) - ubuntu 12.04
- How to filter Remote Syslog messages on Red Hat?
- How to read syslog messages as a normal user?
- only log certain logs with monolog using a channel in symfony
- Is there a way to redirect syslog messages to stdout?
- Disabling/Enabling logging when using syslog
- syslog and LOCAL0..7
- syslog question