Configuring the syslog

The syslog framework is one of the most important features of Oracle Solaris 11, because its goal is to log every event that occurs on the system, second by second. These records can be used to investigate any suspicious behavior on the system. As in most books, we will not delve into unnecessary details and theory about syslog. The main idea here is to show how syslog can be configured, monitored, and used.

Getting ready

This recipe requires two virtual machines (VirtualBox or VMware) named solaris11-1 and solaris11-2, both running Oracle Solaris 11, each with at least 2 GB of RAM and a network interface.

How to do it…

The syslog framework is composed of a main daemon (syslogd) and its respective configuration file (/etc/syslog.conf). To gather ...
