syslog.auth - authorization file for accepting remote syslog messages
# format: Each fully qualified host name on a separate line hostname.domain_name
The /etc/syslog.auth file specifies which remote hosts are allowed to forward syslog messages to the local host. For the sake of security, only messages coming from remote hosts listed in the local /etc/syslog.auth file will be logged by the syslogd daemon.
Each remote host name should appear in a separate line in /etc/syslog.auth. A line started with the # character is considered as a comment and is thus ignored.
A host name must be a complete domain name such as trout.zk3.dec.com. If a domain host name is given, it must either appear in the local /etc/hosts file or be able to be resolved by the local name server (BIND).
Note that a host name can have at most as many characters as defined by the MAXHOSTNAMELEN constant in <sys/param.h>, although each line in the /etc/syslog.auth file can have up to 512 characters.
The /etc/syslog.auth file must be owned by root and has a permission of 0600. If the/etc/syslog.auth file does not exist or it exists but is empty or has no valid remote host names in it, the system will assume no remote host is allowed to forward syslog messages to the local host.
To invoke a new version of the /etc/syslog.auth file, run the following command (as the super user) to initialize the syslogd daemon: kill -HUP `cat /var/run/syslog.pid`
The following example provides a typical authorization file: # format: Each fully qualified host name on a separate line c3poid.rvo.dec.com r2d2id.ckt.dec.com
Location of the authorization file.
Commands: syslogd(8), syslog(1)
System Administration delim off