You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Preventing Duplication of Remote Syslog Log Entries in /var/log/messages

in Linux

Applies to:

Oracle Cloud Infrastructure

Linux x86-64

Symptoms

Syslog records received from remote systems are being logged in both the dedicated log file (rsyslog--%HOSTNAME%.log) and /var/log/messages, making the messages file too large and difficult to review.

Cause

By default, rsyslog does not differentiate between local and remote logs unless explicitly configured. Without proper filtering, logs from remote hosts get written to both the general /var/log/messages file and the designated remote log files.

Solution

To resolve the issue of syslog records being stored both in the dedicated log file (rsyslog--%HOSTNAME%.log) and /var/log/messages, modify the rsyslog configuration to ensure that remote logs are only stored in their respective log files and are excluded from /var/log/messages:

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!