Installation manual
6.8 Logging
ESETS provides system daemon logging via syslog. Syslog is a standard for logging program messages and can be used to log
system events such as network and security events.
Messages refer to a facility:
auth, authpriv, daemon, cron, ftp, lpr, kern, mail, ..., local0, ..., local7
Messages are assigned a priority/level by the sender of the message:
Error, Warning, Summall, Summ, Partall, Part, Info, Debug
This section describes how to configure and read the logging output of syslog. The ‘syslog_facility’ option (default value
‘daemon’) defines the syslog facility used for logging. To modify syslog settings edit the ESETS configuration file or use the web
interface. Modify the value of the ‘syslog_class’ parameter to change the logging class. We recommend you modify these settings
only if you are familiar with syslog. For an example of syslog configuration see below:
syslog_facility = "daemon"
syslog_class = "error:warning:summall"
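A check for the two settings above, as an added example that is not part of the ESETS manual or product: it validates ‘syslog_facility’ against the standard syslog(3) facility names and ‘syslog_class’ against the classes listed in this section. The function name, the case-insensitive matching and the assumption that ESETS accepts exactly the standard facility names are assumptions.

```python
import re

# Standard syslog(3) facility names (assumption: ESETS accepts exactly these).
FACILITIES = {"auth", "authpriv", "cron", "daemon", "ftp", "kern", "lpr",
              "mail", "news", "syslog", "user", "uucp",
              *(f"local{i}" for i in range(8))}
# Logging classes as listed in this section, lowercased for comparison.
CLASSES = {"error", "warning", "summall", "summ", "partall", "part",
           "info", "debug"}

# Matches the two options, with or without double quotes around the value.
SETTING = re.compile(
    r'^\s*(syslog_facility|syslog_class)\s*=\s*"?([^"]*?)"?\s*$')

def check_syslog_settings(config_text):
    """Return (settings, problems) for the syslog options in config_text."""
    settings, problems = {}, []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = SETTING.match(line)
        if not m:
            continue  # any other line of the configuration file is ignored
        key, value = m.groups()
        settings[key] = value
        if key == "syslog_facility":
            if value.lower() not in FACILITIES:
                problems.append(f"line {lineno}: unknown facility {value!r}")
        else:
            # syslog_class is a colon-separated list of classes
            for token in value.split(":"):
                if token.lower() not in CLASSES:
                    problems.append(f"line {lineno}: unknown class {token!r}")
    # Default facility stated in this section when the option is absent.
    settings.setdefault("syslog_facility", "daemon")
    return settings, problems

# Constructed sample input: the manual's example and a mistyped variant.
GOOD = 'syslog_facility = "daemon"\nsyslog_class = "error:warning:summall"\n'
BAD = 'syslog_facility = "deamon"\nsyslog_class = "error:warnings"\n'

if __name__ == "__main__":
    for name, text in (("good", GOOD), ("bad", BAD)):
        settings, problems = check_syslog_settings(text)
        print(name, settings, problems or "ok")
```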
The name and location of the log file depend on your syslog installation and configuration (e.g. rsyslog, syslog-ng, etc.).
Standard filenames for syslog output files are for example ‘syslog’, ‘daemon.log’, etc. To follow syslog activity, run one of the
following commands from the console:
tail -f /var/log/syslog
tail -100 /var/log/syslog | less
cat /var/log/syslog | grep esets | less
If you enable ESET Remote Administration, ERA log entries older than the number of days given by the ‘racl_logs_lifetime’ option
will be automatically deleted.