KB-7043: How to move /var/log/messages for DirectAudit
Auditing and Monitoring Service
,
Authentication Service
,
Show Properties
Hide Properties
|
6/20/2016 5:59 AM |
|
10/24/2016 4:49 PM |
|
6/20/2016 5:59 AM |
|
Article Audience |
|
Products |
Authentication Service, Auditing and Monitoring Service
|
|
|
|
|
000007043 |
|
|
|
Applies to:
Centrify DirectControl and DirectAudit on All OS Platforms
Question:
How to relocate/move /var/log/messages for Centrify DirectControl or DirectAudit?
Answer:
Follow below steps to relocate /var/log/messages for DirectAudit.
Assuming this is RH, using syslog (syslogd).
1. Modify /etc/syslog.conf
add line
local0.* /var/log/local0.log
2. Touch /var/log/local0.log
3. Restart syslogd
4. Modify /etc/centrifydc/centrifydc.conf, locate the line
logger.facility.*: auth
add line
logger.facility.*: local0
5. Add same line to /etc/centrifyda/centrifyda.conf
logger.facility.*: local0
6. Restart centrifydc and centrifyda
/usr/share/centrifydc/centrifydc restart
/usr/share/centrifyda/centrifyda restart
Centrify DirectControl and Centrify DirectAudit now logs to /var/log/local0.log instead.
NOTE:
1. syslog.conf define "*.info" and direct to /var/log/messages. This is why it is showing log messages from every processes. It is customizable.
2. addebug will reset (2) above.