Configuring the syslog
The syslog framework is one of the most important features of Oracle Solaris 11, because its goal is to log all the events that occur on the system, second by second. These records can be used to investigate any suspicious behavior on the system. Like most books, we will not delve into unnecessary details and theory about syslog. The main idea here is to show how syslog can be configured, monitored, and used.
This recipe requires two virtual machines (VirtualBox or VMware) named solaris11-2, both running Oracle Solaris 11 with at least 2 GB of RAM and a network interface.
How to do it…
The syslog framework is composed of a main daemon (syslogd) and its respective configuration file (/etc/syslog.conf). To gather ...