[SGVLUG] PIX Logging to syslog

Joel Witherspoon joel.witherspoon at gmail.com
Fri Mar 30 08:40:03 PST 2007


Hey all, I need some help.

I have a Pix FW using Local4.warning on UDP 514 and I want to send it to a
log file on my CentOS Linux server using Splunk. Syslog starts with the
options -m 0 -r. I've config'd the syslog to send Local4.* to
/var/log/pix.log. The Pix sends the syslog to the server and it shows in
Splunk as a UDP source, but I can't log the info to the file. I've tried
debug using syslogd -d with no errors or traffic on, or to, that file.

Here's the file information and rights.
-rw-r--r--  1 root root 0 Mar 29 15:52 pix.log

and the line from syslog.conf

# Log messages from the Pix Firewall
local4.*                                                /var/log/pix.log

Any help or insight would be much appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.sgvlug.net/pipermail/sgvlug/attachments/20070330/023615d8/attachment.html


More information about the SGVLUG mailing list