configuration question

From: Micha <earlymorning@gmx.ch>
Date: Tue Sep 27 2005 - 03:16:42 CEST

Hi,

This is a Debian testing with sysklogd 1.4.1-17 and kernel 2.6.12.
I notice that with 'logger' I can't get through to the /var/log/kern.log...

For example,

logger -p kern.crit so what at `date`

doesn't work. The relevant line of /etc/syslog.conf:

kern.* -/var/log/kern.log

I think I must have overseen something in the manpage?
(I append the complete conf at the end.)

The boot and init messages, dmesg and iptables log stuff all seem to be in the kern log as expected.
The above logger command is shown in the logfiles: messages, syslog, debug.

I'm trying to set up some intrusion monitoring and control here, so it's quite important to me to have the logs working reliably .... please, anybody ?

TIA

Micha

  °
 /\/

Complete syslog.conf:

## /etc/syslog.conf: Configuration file for syslogd Doc: man 5 syslog.conf
##
## XXX customized by --mi.
##
## console-log tails logs on some console-terminals like:
## tty8 -- auth.log or apache error.log
## tty9 -- syslog
## tty10 -- debug (custom)
## Numbers only valid with X running on tty7. See /etc/console-log.conf.
##
## facilities:
## auth, authpriv, cron, daemon, ftp, kern, lpr, mail, mark, news,
## syslog, user, uucp and local0 through local7.
##
## priorities:
## debug, info, notice, warning, error, crit, alert, emerg.
##
## Asterisk (*) may be used for 'any', (!) for 'not'
##
############################################################################

# Emergencies are sent to everybody logged in:
*.emerg *

####### experimental: WLAN ROUTER
local7.* /var/log/local7

######## DEBUG - Custom debugging log

# These relay local7 somehow ...?
# daemon.info;\
# kern.warning;\
# user.warning;\
*.warning;\
     # These are not connected to local7 (at this p):
# syslog.warning;\
     cron.none;\
     local7.none -/var/log/debug

######### SYSLOG

*.notice;\
mail,news,user,local2,auth,authpriv,cron,mail,news.err;\
user.warning;\
daemon.warning -/var/log/syslog
# was: *.*;\ cron.warn;\ auth,auth.priv.none

######### AUTH
ftp,uucp,auth,authpriv.*;\
cron.none -/var/log/auth.log

######## MESSAGES: Kept instead of 'user' log here.
*.crit;\
    user.notice;\
    mail,news.warning;\
    local7,auth,authpriv.none -/var/log/messages

######## OTHER

kern.* -/var/log/kern.log
uucp.* -/var/log/uucp.log
# local2: pppd with option debug
local2.* -/var/log/pppd.log
cron.* -/var/log/cron.log
lpr.* -/var/log/lpr.log
daemon,local0,local1,local2,local3.* -/var/log/daemon.log

# Mail system: Split to ease processing.
mail.info -/var/log/mail.info
mail.warning -/var/log/mail.warn
mail.err -/var/log/mail.err
# no split: mail.* -/var/log/mail.log

# INN news system:
news.crit -/var/log/news/news.crit
news.err -/var/log/news/news.err
news.notice -/var/log/news/news.notice
Received on Tue, 27 Sep 2005 03:16:42 +0200
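
Added example (not part of the original post): a simplified Python model of sysklogd selector matching, run against the active rules from the posted syslog.conf, showing which files a crit message reaches with facility kern versus user. It assumes logger submits through syslog(3), where glibc treats facility 0 (kern) as unset and substitutes the default user facility; the '=' and '!' priority prefixes, which the posted file does not use, are left out.

```python
# Added example: simplified sysklogd selector model (no '=' or '!' prefixes).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp"] + [f"local{i}" for i in range(8)]
# Severity numbers: lower is more severe; "crit" is 2.
LEVELS = {"emerg": 0, "alert": 1, "crit": 2, "err": 3, "error": 3, "warning": 4,
          "warn": 4, "notice": 5, "info": 6, "debug": 7}

# The four active rules relevant to the question, taken from the posted
# syslog.conf with comment lines dropped and continuations joined as intended.
RULES = {
    "/var/log/debug": "*.warning;cron.none;local7.none",
    "/var/log/syslog": "*.notice;mail,news,user,local2,auth,authpriv,cron,mail,news.err;"
                       "user.warning;daemon.warning",
    "/var/log/messages": "*.crit;user.notice;mail,news.warning;local7,auth,authpriv.none",
    "/var/log/kern.log": "kern.*",
}

def compile_selectors(spec):
    """Return {facility: bitmask of accepted severities} for one rule."""
    mask = dict.fromkeys(FACILITIES, 0)
    for selector in filter(None, spec.split(";")):
        names, level = selector.rsplit(".", 1)
        targets = FACILITIES if "*" in names.split(",") else names.split(",")
        for fac in targets:
            if level == "none":
                mask[fac] = 0                      # exclude this facility
            elif level == "*":
                mask[fac] = 0xFF                   # every severity
            else:                                  # this level and more severe
                mask[fac] |= (1 << (LEVELS[level] + 1)) - 1
    return mask

def destinations(facility, level):
    """Log files whose rule accepts a message with this facility and level."""
    bit = 1 << LEVELS[level]
    return sorted(path for path, spec in RULES.items()
                  if compile_selectors(spec)[facility] & bit)

def glibc_effective_facility(facility):
    """Assumption: syslog(3) treats facility 0 (kern) as unset and uses 'user'."""
    return "user" if facility == "kern" else facility

if __name__ == "__main__":
    print("if kern.crit arrived as sent:", destinations("kern", "crit"))
    print("as delivered via syslog(3): ",
          destinations(glibc_effective_facility("kern"), "crit"))
```

Under that assumption the message arrives as user.crit and the model returns debug, messages and syslog, the three files named in the post, while kern.log only matches messages that really carry the kern facility.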
