way to flush /var/log/message
Bill Davidsen
davidsen at tmr.com
Mon Jun 25 15:25:00 UTC 2012
Paul Allen Newell wrote:
> On 5/21/2012 5:48 AM, Tim wrote:
>> On Sun, 2012-05-20 at 11:35 -0700, Paul Allen Newell wrote:
>>> I am having problems with is expecting to see new additions from
>>> iptables logging rejections and not getting them until much later, if
>>> at all? I just wanted to find out if there was a need/way to make sure
>>> that nothing is "waiting" to be written as Idon't know if there is any
>>> buffering of output (something like fflush() in c++).
>> You can configure iptables to log to somewhere else. Another file, or
>> directly to a console.
>>
> Tim:
>
> When I first looked into the man pages et al for iptables, I found the LOG but
> no way to specify a file. The best I could sort out was using a prefix so I
> would at least have a token to search for in /var/log/messages.
>
> I just did a quick google to see if I missed something. The only thing I see is
> a level and a link to syslog.conf, which I did not get on first reading (and it
> didn't feel like where I should be looking to begin with).
>
> Can you point me to a link?
>
If you use --log-level you can control handling of that output only. There is
buffering control in syslog, I forget the details, but on one system I do recall
that going unbuffered caused a large increase in CPU use. You should be able to
find the info in man pages, I have no link for predigested summaries.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the users
mailing list