Syslog overrun hack

Syslog overrun hack

Posted on 2013-02-05 by Ed Braaten

One of our prototype Linux systems was writing warnings about PCIe hardware correctable errors non-stop to /var/log/messages. The otherwise well-functioning system would run out of disk space before completing longer test runs due to the flood of warning messages in /var/log/messages. The root-cause of the messages (bad hardware/BIOS) will get addressed eventually but in the meantime the following quick hack worked to suppress the bogus warnings, saving disk space.

  1. Change the default “*.info” to “*.err” in the /etc/rsyslog.conf file. This sends all messages with priority “err” or higher to the /var/log/messages file. The actually priority list in increasing priority is: debug, info, notice, warning, err, crit, alert, and emerg.
  2. Restart the rsyslog daemon with “service rsyslog restart”.

This hack worked fine on Red Hat Enterprise (RHEL) 6.3.

Copyright (C) 2013 by Ed Braaten.  All rights reserved.
Other Blog Entries