-
Notifications
You must be signed in to change notification settings - Fork 2
Configuration
Directing output fom the logging facilities to syslog-notify requires lines in the configuration for syslog or a related utility. The configuration file may be different on different distributions. Once the appropriate file has been edited, the syslog service will usually need to be restarted.
Ubuntu uses rsyslog. Create a file named 99-notify.conf in /etc/rsyslog.d and add appropriate lines there. (Tested on Ubuntu 9.10). Restart with sudo /etc/init.d/rsyslog restart.
Debian uses standard syslog. Edit the file /etc/syslog.conf and add appropriate lines at the end. (Tested on Debian 6.0/“squeeze”). Restart with sudo /etc/init.d/sysklogd restart.
syslog need to be directed to send messages to the named pipe. Right now syslog-notify does no filtering of its own; the messages to send must be selected through syslog. man syslogd or man rsyslog.conf will give the details, but a few examples to get started:
*.* |/var/spool/syslog-notify will send every log message to a popup. This can get very distracting.
*.crit |/var/spool/syslog-notify sends a popup for every log message considered “critical” or more severe.
auth.* |/var/spool/syslog-notify sends a popup for any message relating to security or user authentication (e.g. a failed login attempt.)
Multiple lines can be used for finer selection, but beware of sending the same message twice, e.g. to receive both critical messages and security messages of any priority:
!auth.crit |/var/spool/syslog-notify
auth.* |/var/spool/syslog-notify