Redirect UFW logs to own file?

log 14.04 ufw

Is there a way I can easily redirect the entries for UFW to their own log file at /var/log/ufw instead of filling up /var/log/syslog as it's becoming tricky to find solutions to problems with all this UFW stuff flying past me?


Solution 1:

In Ubuntu 15.10 and Debian Jessie there is a file /etc/rsyslog.d/20-ufw.conf. It contains at the bottom # & ~. Remove the # in front of it to uncomment it and refresh rsyslog with the command /etc/init.d/rsyslog restart so that it takes in account the configuration change.

Solution 2:

I'm running Ubuntu 14.04 as well. In my /etc/rsyslog.d/ there's a file 20-ufw.conf which has the following line:

:msg,contains,"[UFW " /var/log/ufw.log

What I've done is delete that file, and at the top of 50-default.conf I added the following:

:msg,contains,"[UFW " /var/log/ufw.log
& stop

Restart rsyslog with sudo service rsyslog restart and your UFW logs should be put into their own file and not into any other.

Solution 3:

ufw uses rsyslog for logging to /var/log/syslog or /var/log/messages:

To change the log file, edit /etc/rsyslog.d/50-default.conf and to the top add:

:msg, contains, "UFW" -/var/log/ufw.log
& ~

This will log all data that contains "UFW" to /var/log/ufw.log will prevent further processing of such data.

Related

How to kill libreoffice from command line
How can I install the util linux version of the column command in 18.04?
Ubuntu 20.04 freezes for exactly 10 seconds during boot, then works normally
Ubuntu missing dual boot
Install Windows XP via USB on device running Ubuntu 11.10
Trying to install Ubuntu 20.04 along side windows 10 [duplicate]
ATI Catalyst didn't update correctly and now can't boot
How can I tell if Duplicity has frozen?
How to disable xscreensaver lock on suspend?
Ubuntu 20.04 becomes super slow
How can I change the voice used by Firefox Reader View (Narrator) in Ubuntu?
Authentification Failure errors after installing Ubuntu 10.04 on Samsung 305V5A