Forum Discussion

Niladri's avatar
Icon for Nimbostratus rankNimbostratus
Sep 07, 2021

Need to stop sending the debug crond [28591] from f5 to syslog server [splunk]

I have changed the logging level of syslog config from info.... err to emerg.....emerg . Also have specifically mentioned a filter for the remote server where i am filtering the log as:


sys syslog {

  auth-priv-from emerg

  auth-priv-to emerg

  console-log enabled

  cron-from emerg

  cron-to emerg

  daemon-from notice

  daemon-to emerg

  description none

  include "

filter f_remote_loghost {




destination d_remote_loghost {

  udp(\"x.x.x.x\" port(514));



log {






  iso-date disabled

  kern-from debug

  kern-to emerg

  local6-from notice

  local6-to info

  mail-from notice

  mail-to emerg

  messages-from notice

  messages-to emerg

 remotesyslog1 {

      description none

      host x.x.x.x

      local-ip none

      remote-port 514



  user-log-from notice

  user-log-to emerg




can anyone help me on how to stop sending the debug crond[28591]; pam_unix[cron session] to the syslog server [splunk] ????

No RepliesBe the first to reply