On Syslog, how can I filter all messages from "suexec"?
My syslog has zillions of messages like this:
Nov 24 09:44:40 juno suexec[20253]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
Nov 24 09:44:49 juno suexec[20271]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
Nov 24 09:44:56 juno suexec[20284]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
Nov 24 09:45:07 juno suexec[20785]: uid: (1020/cetn) gid: (1020/cetn) cmd: ea-php56
It's a cPanel server on CentOS 7.
Thank you.
These could be considered as a good read:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-web_servers
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/system_administrators_guide/index
I think you might need to create a filter specifically for rsyslog in order to save the suexec messages to a file instead of being displayed to syslog.
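
A filter of the kind suggested in the answer above, as an added example that is not part of the original posts. The drop-in file name and the destination log path are assumptions; the match uses the `suexec` tag visible in the question's log lines.

```conf
# /etc/rsyslog.d/10-suexec.conf   (file name is an assumption)
#
# Match on the syslog tag shown in the question ("suexec[20253]:").
# $programname is that tag with the "[pid]" part removed.
if $programname == 'suexec' then {
    # Keep the records rather than discarding them: each line shows which
    # uid/gid ran which command, which helps when reviewing account activity.
    action(type="omfile"
           file="/var/log/suexec.log"      # destination path is an assumption
           fileCreateMode="0600")          # readable by root only
    # Stop processing so the message does not reach later rules
    # such as the one writing /var/log/messages.
    stop
}

# Check the configuration syntax, then restart the service:
#   rsyslogd -N1
#   systemctl restart rsyslog
```

This assumes the main `/etc/rsyslog.conf` includes `/etc/rsyslog.d/*.conf` before its own rules, so the `stop` takes effect before the message is written elsewhere. The new file is not covered by any existing rotation policy, so it needs its own logrotate entry.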