SYSLOG

***NOTE - there should be NO spaces in the /etc/syslog.conf file***


 * For SUDO logging : Use local2.debug


 * For SFTP logging : in the sshd_conf file in the SFTP section, add
 * ForceCommand internal-sftp -f AUTH -l VERBOSE

=SYSLOG.CONF= Lines in the syslog.conf file are " " format. Selectors are of format '''. '''

FACILITIES
Facilities are : user, kern, mail, daemon, auth, lpr, netws, uucp, cron, audit, local0-7, mark
 * USER: Messages generated by user processes.  This is  the  default.
 * KERN: Messages generated by the kernel.
 * MAIL: The mail system.
 * DAEMON: System daemons, such as in.ftpd(1M)
 * AUTH: The authorization system: login(1), su(1M), getty(1M), among others.
 * LPR: The line printer spooling system:  lpr(1B), lpc(1B), among others.
 * NEWS: Designated for the USENET network news system
 * UUCP: Designated for the UUCP system; it does not currently use the syslog mechanism.
 * CRON: Designated for cron/at messages generated by systems that do logging through syslog.
 * The current version of  the  Solaris  Operating Environment  does  not use this facility for logging.
 * AUDIT: Designated for audit messages generated  by systems that audit by means of syslog.
 * LOCAL0-7: Designated for local use.
 * MARK: For timestamp messages produced  internally by syslogd.
 * *: An asterisk indicates all facilities except for the mark facility.

LEVELS
Levels are : emerg, alert, crit, err, warning, notice, info, debug, none
 * emerg: For panic conditions that would normally be broadcast to all users.
 * alert: For conditions that should be corrected immediately, such as a corrupted system database.
 * crit: For warnings about critical conditions, such as hard device errors.
 * err: For other errors.
 * warning: For warning messages.
 * notice: For conditions that are  not  error  conditions,  but  may require special handling.
 * A configuration entry with a level  value  of notice must appear on a separate line.
 * info: Informational messages.
 * debug: For messages that are  normally  used  only when debugging a program.
 * none: Do not send  messages  from  the  indicated facility  to the selected file.
 * For example, a selector of "*.debug;mail.none" sends all messages except mail messages  to the selected file.