The SYSLOG_DAEMON variable tells psad which syslog daemon is running on the local system. Possible values for this variable are: syslogd, syslog-ng, ulogd, and metalog. This variable allows psad to verify that the corresponding syslog configuration file is set up properly so that messages are written to the /var/lib/psad/psadfifo named pipe, with one exception: If psad is configured to acquire iptables log messages via ulogd, no syslog daemon is required to be running, because messages are written to disk directly by ulogd.6 The kmsgsd daemon is not even started by psad in this situation.

Was this article helpful?

0 0

Post a comment