Can I filter syslog requests by machine?

From: Robert L. McMillin <rlm_at_syseca-us.com>
Date: Tue, 21 Apr 1998 11:13:35 -0700

The MIS manager at our site has asked me to send him daily reports on
what people are gawking at on the Web, both to protect us from civil
liability and to make sure we're not wasting too much time. Since our
firewall has an option to forward proxy logging info by the syslog
service, I have forwarded this data to one of our servers behind the
firewall (it's an AlphaServer 800 running DU 4.0B). I then collate this
raw data with a Perl script and send daily reports to all the interested
parties. Unfortunately, along with all this data we get an enormous
amount of useless cruft kernel messages, including all other proxies for
all other services. What this means is the console window is
effectively useless because it constantly scrolls (about one new message
every 10-15 seconds). What I'd like to do is to somehow filter this
stuff out using the syslog.conf file while leaving the local kernel
messages on the display. It doesn't appear that this is feasible. Am I
wrong?

Here's an example of what the annoying kernel messages look like:

Apr 20 13:48:33 loco kernel: kpf rule #29,ef1,172.16.158.50,0,204.70.214.6,8,0,1,permit
Apr 20 13:48:47 loco last message repeated 9 times
Apr 20 13:48:47 loco kernel: kpf rule #29,ef1,172.16.158.69,0,204.70.214.6,8,0,1,permit
Apr 20 13:49:03 loco last message repeated 11 times


-- 
Robert L. McMillin | Not the voice of Syseca, Inc. | rlm_at_syseca-us.com
	   Personal: rlm_at_helen.surfcty.com | rlm_at_netcom.com
Put 'rabbit' in your Subject: or my spam-schnauzer will eat your message.
Received on Tue Apr 21 1998 - 20:15:06 NZST
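
Added example, not part of the original message: every line in the quoted sample carries the originating host name right after the timestamp, so the collected feed can be split on that field once it has been written to a file. The sketch below does that and folds "last message repeated N times" lines into the preceding message from the same host. It assumes "loco" is the forwarding firewall; "alpha1" is a made-up name for the log server, and the alpha1 line is constructed.

```python
import re

# "Mmm dd hh:mm:ss host rest", the layout of the lines quoted in the post
LINE = re.compile(r"^(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) (.*)$")
REPEAT = re.compile(r"^last message repeated (\d+) times$")

# Constructed sample: the "loco" lines follow the post, the "alpha1" line is invented.
SAMPLE = """\
Apr 20 13:48:33 loco kernel: kpf rule #29,ef1,172.16.158.50,0,204.70.214.6,8,0,1,permit
Apr 20 13:48:40 alpha1 kernel: constructed local message
Apr 20 13:48:47 loco last message repeated 9 times
Apr 20 13:48:47 loco kernel: kpf rule #29,ef1,172.16.158.69,0,204.70.214.6,8,0,1,permit
Apr 20 13:49:03 loco last message repeated 11 times
"""

def split_by_host(lines, local_host):
    """Return (local, remote): raw local lines, and remote messages with counts."""
    local, remote = [], []
    last = {}  # remote host -> index of its most recent entry in `remote`
    for raw in lines:
        raw = raw.rstrip("\n")
        m = LINE.match(raw)
        if not m:
            local.append(raw)  # unparseable lines stay visible rather than vanish
            continue
        ts, host, rest = m.groups()
        if host == local_host:
            local.append(raw)
            continue
        rep = REPEAT.match(rest)
        if rep and host in last:
            # A repeat line has no tag of its own; credit the previous message
            # from the same host, even if another host logged in between.
            remote[last[host]]["count"] += int(rep.group(1))
        else:
            remote.append({"host": host, "first_seen": ts,
                           "message": rest, "count": 1})
            last[host] = len(remote) - 1
    return local, remote

if __name__ == "__main__":
    local, remote = split_by_host(SAMPLE.splitlines(), "alpha1")
    for line in local:
        print("LOCAL ", line)
    for e in remote:
        print("REMOTE", e["host"], e["count"], e["message"])
```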
