Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-7043: How to move /var/log/messages for DirectAudit

Auditing and Monitoring Service ,   Authentication Service ,  

20 June,16 at 05:59 AM

Applies to:  

Centrify DirectControl and DirectAudit on All OS Platforms


How to relocate/move /var/log/messages for Centrify DirectControl or DirectAudit?


Follow below steps to relocate /var/log/messages for DirectAudit.

Assuming this is RH, using syslog (syslogd).

1. Modify /etc/syslog.conf
add line

local0.* /var/log/local0.log

2. Touch /var/log/local0.log

3. Restart syslogd

4. Modify /etc/centrifydc/centrifydc.conf, locate the line

logger.facility.*: auth

add line
logger.facility.*: local0

5. Add same line to /etc/centrifyda/centrifyda.conf
logger.facility.*: local0

6. Restart centrifydc and centrifyda
/usr/share/centrifydc/centrifydc restart
/usr/share/centrifyda/centrifyda restart

Centrify DirectControl and Centrify DirectAudit now logs to /var/log/local0.log instead.

1. syslog.conf define "*.info" and direct to /var/log/messages. This is why it is showing log messages from every processes.  It is customizable.

2. addebug will reset (2) above.