Hi Jon, hi Craig,
yes, if the application in question logs to
/var/log/messages, adding a regular expression for a pattern present in every message it emits should be sufficient.
To add a more general comment on logging: Currently, most applications and daemons on IPFire log to
/var/log/messages, which makes this file a bit bloated. You might have noticed if you are trying to troubleshoot something, conduct a
tail -f on this file and need to
grep out any log messages from programs you are not interested in. Example (removes log messages from IPsec):
tail -f /var/log/messages | grep -v "charon"
Some things, such as Suricata (IPS) and Squid, log into their own logfiles. I don’t know about other developers’ opinions, but to me, trying to split up log destinations makes sense.
To keep it short: Please consider logging into a custom logfile, if possible.
Thanks, and best regards,