Honeypots mailing list archives

RE: honeyd0.8b not logging to syslog

From: "Jeff Kloet" <JKloet () toromont com>
Date: Mon, 29 Nov 2004 20:48:51 -0500

On Sun, Nov 28, 2004 at 10:57:19PM -0500, Jeff Kloet wrote:
I'm no Linux guru so I may have some of my terminology incorrect.  I
have a honeyd 0.5 install running daemonized that logs its

connections

to the local syslog facility.  I use the local syslog facility to

push

them out to a remote syslog server for further processing.  Has this
functionality changed in the newer versions of honeyd?  The honeyd
manual page still talks of logging to syslog facility and a local

file.


Mon, Nov 29, 2004 at 1:30 AM,  Neils Provos wrote:
Yes, this has changed.  There is a syslog mask that determines which
information gets logged to syslog if run normally or run under debug
mode.  You can just change the mask to be always like in debug mode.
Change the source code in honeyd.c to do so.

Niels.


In syslog.c, I changed "setlogmask(LOG_UPTO(LOG_INFO))"  to 
"setlogmask(LOG_UPTO(LOG_DEBUG))" and then reinstalled.

Ahhh, that's the honeyd I know and love!

Thanks!
Jeff

Current thread:

honeyd0.8b not logging to syslog Jeff Kloet (Nov 28)
- Re: honeyd0.8b not logging to syslog Administrador Root (Nov 28)
- <Possible follow-ups>
- RE: honeyd0.8b not logging to syslog Jeff Kloet (Nov 28)
  - Re: honeyd0.8b not logging to syslog Niels Provos (Nov 29)
- RE: honeyd0.8b not logging to syslog Jeff Kloet (Nov 29)