Configuring the syslog

The syslog framework is one of the most important features of Oracle Solaris 11, because its goal is to log all the events that occur on the system, second by second. These records can be used to investigate any suspicious behavior on the system. As in most books, we will not delve into unnecessary details and theory about syslog. The main idea here is to show how syslog can be configured, monitored, and used.

Getting ready

This recipe requires two virtual machines (VirtualBox or VMware) named solaris11-1 and solaris11-2, each running Oracle Solaris 11 with at least 2 GB of RAM and a network interface.

How to do it…

The syslog framework is composed of a main daemon (syslogd) and its respective configuration file (/etc/syslog.conf). To gather ...

Get Oracle Solaris 11 Advanced Administration Cookbook now with O’Reilly online learning.