Summary:	ASTERISK-20744: [patch] Security event logging does not work over syslog
Reporter:	Michael Keuter (mkeuter)	Labels:
Date Opened:	2012-11-27 09:14:37.000-0600	Date Closed:	2015-01-12 12:03:16.000-0600
Priority:	Minor	Regression?
Status:	Closed/Complete	Components:	Resources/res_security_log
Versions:	11.0.0 11.0.1	Frequency of Occurrence	Constant
Related Issues:	is duplicated by ASTERISK-25243 Asterisk logger can't log level "security" to syslog
Environment:	AstLinux 1.0.5, Linux 2.6.35, Asterisk 11.0.1	Attachments:	( 0) asterisk-20744-syslog-dynamic-logging_trunk.diff
Description:	The SIP security event logging works fine for me for console and file logging, but the security events are not logged over syslog. Everything else except "security" works fine over syslog. logger.conf: ... syslog.local0 => notice,warning,error,security logger show channels Channel                             Type     Status    Configuration -------                             ----     ------    ------------- syslog.local0                       Syslog   Enabled    - NOTICE WARNING ERROR SECURITY /var/log/asterisk/security_log      File     Enabled    - SECURITY                                   Console  Enabled    - NOTICE WARNING ERROR SECURITY
Comments:	By: Joshua C. Colp (jcolp) 2012-11-27 09:24:51.650-0600 To any individual who takes a gander at this: I suspect the underlying cause of this is because the security log level is dynamic. Dynamic logging levels may not work correctly with syslog, as well I believe there is an explicit mapping in the code for internal log levels to syslog log levels. This may also present an issue. By: Michael L. Young (elguero) 2013-04-15 12:48:36.328-0500 Josh is right about syslog not handling dynamic logging at all. This patch adds the ability for dynamic logging to be output to syslog by basically defaulting to the syslog level of LOG_NOTICE. This was a quick way to get the desired logging. By: Jacek Konieczny (jkonieczny) 2014-12-31 08:37:08.208-0600 The problem affects Asterisk 13.1.0 too. And the patch attached to this issue works for Asterisk 13. By: Matt Jordan (mjordan) 2015-01-12 11:09:49.059-0600 I'm personally fine with this solution. Security events sound like NOTICEs to me. I'm going to go ahead and commit this as such.