Logging - ESET FILE SECURITY - FOR LINUX BSD AND SOLARIS Installation Manual

6.6 Logging

ESETS provides system daemon logging via syslog. Syslog is a standard for logging program messages and can be used to log
system events such as network and security events.
Messages refer to a facility:
auth, authpriv, daemon, cron, ftp, lpr, kern, mail, ..., local0, ..., local7
Messages are assigned a priority/level by the sender of the message:
Error, Warning, Summall, Summ, Partall, Part, Info, Debug
This section describes how to configure and read the logging output of syslog. The 'syslog _fa cility' option (default value
'da emon' ) defines the syslog facility used for logging. To modify syslog settings edit the ESETS configuration file or use the web
interface. Modify the value of the 'syslog _cla ss' parameter to change the logging class. We recommend you modify these settings
only if you are familiar with syslog. For an example of syslog configuration see below:
syslog_facility = "daemon"
syslog_class = "error:warning:summall"
The name and location of the log file depend on your syslog installation and configuration (e.g. rsyslog, syslog-ng, etc.).
Standard filenames for syslog output files are for example 'syslog ' , 'da emon.log ' , etc. To follow syslog activity, run one of the
following commands from the console:
tail -f /var/log/syslog
tail -100 /var/log/syslog | less
cat /var/log/syslog | grep esets | less
If you enable ESET Remote Administration, ERA log entries older than given days by the option 'ra cl_log s_lifetime' will be
automatically deleted.
20