System Administration Guide: IP Services

ProcedureHow to Set Up a Log File for Solaris IP Filter

By default, all log information for Solaris IP Filter is recorded in the syslogd file. You should set up a log file to record Solaris IP Filter traffic information separately from other data that might be logged in the default log file. Perform the following steps.

  1. Assume a role that includes the IP Filter Management rights profile, or become superuser.

    You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

  2. Edit the /etc/syslog.conf file by adding the following two lines:

    # Save IPFilter log output to its own file 
    local0.debug             /var/log/log-name

    Note –

    On the second line, make sure to use the Tab key, not the Spacebar, to separate local0.debug from /var/log/log-name.

  3. Create the new log file.

    # touch /var/log/log-name
  4. Restart the system-log service.

    # svcadm restart system-log

Example 25–20 Creating a Solaris IP Filter Log

The following example shows how to create ipmon.log to archive IP filter information.

In /etc/syslog.conf:

# Save IPFilter log output to its own file 
local0.debug             /var/log/ipmon.log

At the command line:

# touch /var/log/ipmon.log
# svcadm restart system-log