NAME    [Toc]    [Back]

       syslog_evm.conf  -  EVM  syslog subscription configuration

SYNOPSIS    [Toc]    [Back]


DESCRIPTION    [Toc]    [Back]

       The syslog_evm.conf file is a  text  file  that  specifies
       what  syslog  messages  will  be forwarded from the syslog
       daemon to the  Event  Manager,  EVM,in  the  form  of  EVM
       events.   Those syslog messages are posted to the EVM daemon
 evmd by syslogd if the syslogd forwarding function  is
       turned on with the -e flag. Events are posted with the EVM
       name of sys.unix.syslog.facility-name.

       This configuration file is read every time syslogd starts,
       or  is restarted by a SIGHUP signal.  If the file does not
       exist, or if it exists but contains no subscription lines,
       no syslog messages will be posted to EVM.

       Each  line in the file controls the forwarding of one syslog
 event. Lines beginning with the # character  are  considered
  comments  and are ignored.  Only one subscription
       per line is permitted. Mixing a subscription and a comment
       on the same line is not allowed.

       Each  line has the format facility.priority[+].  Specifies
       the part of the system that generated the  message.  Legal
       values  are  the following: All messages.  Messages generated
 by the kernel.  Messages generated by user processes.
       Messages generated by the mail system.  Messages generated
       by system daemons.  Messages generated by  the  authorization
  system.   Messages  generated internal to the syslog
       system.  Messages generated by the line  printer  spooling
       system.   Messages  generated  by the system news command.
       Messages generated by the UNIX to UNIX copy system.   Messages
 generated by the system clock daemon.  Messages generated
 by remote file systems.  Available for  local  use.
       Indicates the priority of the message.  If the priority is
       followed by a + character, events which are of the  specified
  priority  or  higher  are  forwarded; otherwise only
       events which exactly match the priority are forwarded.

              The priority level must be one  of  the  following:
              Forward messages of any priority.  Forward messages
              of emergency priority.  Forward messages  of  alert
              priority.   Forward  messages of critical priority.
              Forward messages of error priority.   Forward  messages
  of  warning  priority.   Forward messages of
              notice priority.  Forward messages  of  information
              priority.  Forward messages of debug priority.

EXAMPLES    [Toc]    [Back]

       This  example  causes  syslogd to forward events to EVM as
       follows: All messages of emergency priority are forwarded.
       All messages generated in the kernel which have a priority
       of info or greater are forwarded.  All messages  generated
       by  users,  by the mail subsystem or by the system daemons
       which have a priority of info or greater are forwarded.

       *.emerg   kern.info+   user.notice+   mail.notice+    daemon.notice+

FILES    [Toc]    [Back]

       Location  of  the system logger configuration file.  Location
 of the EVM syslog  subscription  configuration  file.
       Location of the EVM logger configuration file.

SEE ALSO    [Toc]    [Back]

       Commands: evmd(8), evmlogger(8), syslog(1), syslogd(8)

       Routines: syslog(3)

       Event Management: EVM(5)

