Nimbostratus

Sep 07, 2021

Need to stop sending the debug crond [28591] from f5 to syslog server [splunk]

I have changed the logging level of syslog config from info.... err to emerg.....emerg . Also have specifically mentioned a filter for the remote server where i am filtering the log as:

sys syslog {

auth-priv-from emerg

auth-priv-to emerg

console-log enabled

cron-from emerg

cron-to emerg

daemon-from notice

daemon-to emerg

description none

include "

filter f_remote_loghost {

level(emerg..err);

};

destination d_remote_loghost {

udp(\"x.x.x.x\" port(514));

};

log {

source(s_syslog_pipe);

filter(f_remote_loghost);

destination(d_remote_loghost);

};

iso-date disabled

kern-from debug

kern-to emerg

local6-from notice

local6-to info

mail-from notice

mail-to emerg

messages-from notice

messages-to emerg

remotesyslog1 {

description none

host x.x.x.x

local-ip none

remote-port 514

}

user-log-from notice

user-log-to emerg

}

can anyone help me on how to stop sending the debug crond[28591]; pam_unix[cron session] to the syslog server [splunk] ????

Forum Discussion

Need to stop sending the debug crond [28591] from f5 to syslog server [splunk]

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Setting up F5 Telemetry Streaming with Splunk Cloud

Issue when deploying F5-Analytics app using f5.analytics.v3.7.1 template to send logs to SPLUNK

How I did it - "Visualizing Data with F5 TS and Splunk"

The TCP Send Buffer, In-Depth

LTM Policy don't send to external log server