Adding year in the syslog message (linux)

Question

I need to log the year in the log message generated by syslog daemon. In particular in the /var/log/secure file. Is it possible?

Here an example of normal syslog message:

Feb 16 04:06:58 HOST sshd[28573]: Accepted password for USER from SOURCE port 7269 ssh2

And I need something similar to:

Feb 16 2011 04:06:58 HOST sshd[28573]: Accepted password for USER from SOURCE port 7269 ssh2

Thanks in advance.

Douglas Leeder · Accepted Answer

If you can't alter the syslog on the system itself, maybe you could setup syslog to send it to a remote system with a better syslog daemon?

Chance Hsu · Answer

If you use rsyslog, it is easy. Refer to following:

Modify /etc/rsyslog.conf to following:

...
authpriv.*     /var/log/secure;RSYSLOG_FileFormat
...

And then asking rsyslog daemon to reload configuration:
```
$ kill -HUP <pid of rsyslog daemon>
```

More reference :

http://www.rsyslog.com/doc/rsyslog_recording_pri.html
http://www.rsyslog.com/doc/rsyslog_conf_modules.html/rsyslog_conf_templates.html

Donate For Us