By default, all log information for Oracle Solaris IP Filter is recorded in the syslogd file. You should set up a log file to record Oracle Solaris IP Filter traffic information separately from other data that might be logged in the default log file. Perform the following steps.
Assume a role that includes the IP Filter Management rights profile, or become superuser.
You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
Edit the /etc/syslog.conf file by adding the following two lines:
# Save IPFilter log output to its own file local0.debug /var/log/log-name |
On the second line, make sure to use the Tab key, not the Spacebar, to separate local0.debug from /var/log/log-name.
Create the new log file.
# touch /var/log/log-name |
Restart the system-log service.
# svcadm restart system-log |
The following example shows how to create ipmon.log to archive IP filter information.
In /etc/syslog.conf:
# Save IPFilter log output to its own file local0.debug /var/log/ipmon.log |
At the command line:
# touch /var/log/ipmon.log # svcadm restart system-log |