Forum Discussion
Palo Alto Data Connector failing on storage
There are two places that you define this depending on the Operating system
In the rsyslog.conf file you will see a line like this
*.*;auth,authpriv.none -/var/log/syslog
*.*;auth,authpriv.none -/var/log/messages
Or in the /etc/rsyslog.d/50-default.conf
*.*;auth,authpriv.none -/var/log/syslog
*.*;auth,authpriv.none -/var/log/messages
The fix is to put a # in front of the line and restart the rsyslog server
Systemctl restart rsyslog
The local file should stop growing
tail -f /var/log/syslog or /var/log/messages
There are two places that you define this depending on the Operating system
In the rsyslog.conf file you will see a line like this
*.*;auth,authpriv.none -/var/log/syslog
*.*;auth,authpriv.none -/var/log/messages
Or in the /etc/rsyslog.d/50-default.conf
*.*;auth,authpriv.none -/var/log/syslog
*.*;auth,authpriv.none -/var/log/messages
The fix is to put a # in front of the line and restart the rsyslog server
Systemctl restart rsyslog
The local file should stop growing
tail -f /var/log/syslog or /var/log/messages
Thanks Roger_Fleming & CliveWatson,
Great info, thanks for that and I'll report back how we progress on getting this resolved