Setup guide

To provide a logon warning banner to users logging into remote services on the
system:
1. Open the file /etc/motd as an administrator.
2. Enter the warning banner that has been approved.
3. Exit, saving changes. The warning banner should appear for the next
person logging into a remote service.

3.10 Auditing and Log File Configuration

Apple includes a graphical program, Console, to view and maintain log files.
Console is found in the /Applications/Utilities folder. Upon starting, the
console window shows the console.log file. Clicking on the Logs icon at the top
left of the window displays a sidebar that shows other log files on the system in a tree
view. The tree includes directories for services such as web and e-mail server
software.
In Mac OS X Server, log files are handled by either the BSD subsystem or a specific
application. The BSD subsystem handles most of the important system logging,
while applications such as the Apache web server handle their own logging. Like
other BSD systems, Mac OS X Server uses a background process called syslogd to
handle logging. A primary decision to make when configuring syslogd is whether to
use remote logging. In local logging, log messages are stored on the hard disk. In
remote logging, log messages are transferred over the network to a dedicated log
server that stores them. Using remote logging is strongly recommended for any
server system.

3.10.1 Configuring syslogd

The configuration file for the system logging process, syslogd, is
/etc/syslog.conf. A manual for configuration of this file is available by issuing
the command man syslog.conf in a Terminal window. Each line within
/etc/syslog.conf consists of text containing three types of data: a facility, a
priority, and an action. Facilities are categories of log messages. The standard
facilities include mail, news, user, and kern (kernel). Priorities deal with the urgency
of the message. In order from least to most critical, they are: debug, info, notice,
warning, err, crit, alert, and emerg. The priority of the log message is set by the
application sending it, not syslogd. Finally, the action specifies what to do with a
log message of a specific facility and priority. Messages can be sent to files, named
pipes, devices, or to a remote host.
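
Added example (not part of the original guide): a small Python checker that splits syslog.conf lines into facility, priority, and action, classifies each action by destination, and reports whether any rule sends messages to a remote log host. The sample configuration and the host name loghost.example.com are constructed; the checker assumes plain priority names plus the "*" and "none" keywords.

```python
import re

# Priorities in the order the guide lists them, least to most critical.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

def classify_action(action):
    """Map the action field to one of the destinations the guide names."""
    if action.startswith("@"):
        return "remote"   # forwarded over the network to a log server
    if action.startswith("|"):
        return "pipe"     # named pipe
    if action.startswith("/dev/"):
        return "device"
    if action.startswith("/"):
        return "file"
    return "users"        # list of user names, or "*" for all logged-in users

def parse_syslog_conf(text):
    """Return one (facilities, priority, kind, action) tuple per selector."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s+", line, maxsplit=1)
        if len(parts) != 2:
            raise ValueError(f"no action field: {raw!r}")
        selectors, action = parts
        for selector in selectors.split(";"):
            facilities, _, priority = selector.rpartition(".")
            if not facilities or priority not in PRIORITIES + ["*", "none"]:
                raise ValueError(f"bad selector {selector!r} in {raw!r}")
            rules.append((facilities.split(","), priority,
                          classify_action(action), action))
    return rules

def remote_hosts(rules):
    """Hosts that receive log messages over the network (empty = local only)."""
    return sorted({action[1:] for _, _, kind, action in rules if kind == "remote"})

# Constructed sample configuration, not taken from the guide.
SAMPLE = ("*.notice;mail.none\t/var/log/system.log\n"
          "kern.crit\t/dev/console\n"
          "auth.info\t@loghost.example.com\n"
          "*.emerg\t*\n")

if __name__ == "__main__":
    hosts = remote_hosts(parse_syslog_conf(SAMPLE))
    print("remote logging to:", hosts if hosts else "none (local logging only)")
```
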
The following example line specifies that for any log messages in the category “mail”,
with a priority of “emerg” or higher, the message will be written to the
/var/log/mail.log file:
UNCLASSIFIED