On Tue, Feb 22, 2005 at 01:35:25AM -0500, David Banning wrote:$ man syslog.conf> Presently all my proftpd logging goes to /var/log/messages but
> it is clogging that file because I have an ftp login every couple of
> minutes. I want to redirect proftpd logging. I tried putting
> proftpd:* /var/log/proftpd.log
> in my /etc/syslog.conf
> but syslogd complains;
> syslogd: unknown facility name "proftpd"
> looking at the man page for proftpd is says;
> Each successful and failed ftp(1) session is logged using syslog with a
> facility of LOG_FTP. Note: LOG_FTP messages are not displayed by sys-
> logd(8) by default, and may have to be enabled in syslogd(8)'s configu-
> ration file.
> So I tried;
> LOG_FTP:* /var/log/proftpd.log
> still no go.
> I am unfamiliar with logging. Can someone help me along here?
The facility describes the part of the system generating the message, and
is one of the following keywords: auth, authpriv, console, cron, daemon,
ftp, kern, lpr, mail, mark, news, ntp, security, syslog, user, uucp and
local0 through local7. These keywords (with the exception of mark) cor-
respond to similar ``LOG_'' values specified to the openlog(3) and
syslog(3) library routines.
I believe the syntax you want is
Make sure the logfile exists (and is writable),
otherwise I think syslog will complain.
- James Cook