Sparcitecture

This is the syslog.conf I have settled on for Solaris 8/9 systems:

*.err;kern.none;daemon.none;mail.none           /var/log/syslog
auth.info                                       /var/log/authlog
mail.warning                                    /var/log/maillog
daemon.info;kern.info;local0.info               /var/adm/messages

It gives good separation between daemon and kernel messages, auth messages, miscellaneous messages, and non-critical messages (e.g. mail). On Solaris 8 this requires the creation of new rotation scripts in /usr/lib and root’s crontab for maillog and authlog, as well as the rotation script for wtmpx. On Solaris 9 the following is a template I am using for /etc/logadm.conf:

/var/log/syslog -C 8 -p 1w -a 'kill -HUP `cat /var/run/syslog.pid`'
/var/log/authlog -C 8 -p 1w -a 'kill -HUP `cat /var/run/syslog.pid`'
/var/log/maillog -C 8 -p 1w -a 'kill -HUP `cat /var/run/syslog.pid`'
/var/adm/messages -C 8 -p 1w -a 'kill -HUP `cat /var/run/syslog.pid`'
/var/adm/lastlog -C 8 -p 24h
/var/adm/wtmpx -C 8 -p 24h
/var/cron/log -p 24h -c -s 10240k -t /var/cron/olog