I use a modified syslog.conf that I like. I have my PIX firewalls log going to this machine as well (SuSE 7.2). Some of my PIX logs keep spamming me in my telnet sessions. (secureCRT from a Windoes machine) Have I overlooked something in my /etc/syslog.conf file? (Note: yes I restarted syslogd and there are no spaces in /etc/syslog.conf, all are tab stops) Any ideas? Thanks, Chuck Here is my /etc/syslog.conf file: # DO NOT MODIFY # Last Modified: Wed Oct 3 11:22:51 PDT 2001 # If you desire changes contact Chuck x2095 # PIX Firewalls local7.* -/var/log/ipix.log local4.* -/var/log/opix.log # LOG_KERN kern.* /var/log/kernel # LOG_USER user.* /var/log/messages # LOG_MAIL mail.info;mail.debug;mail.notice /var/log/mail.log mail.crit;mail.emerg;mail.alert /var/log/mail.crit mail.err /var/log/mail.err # LOG_DAEMON daemon.* /var/log/messages # LOG_AUTH auth.* /var/log/security # LOG_SYSLOG syslog.* /var/log/syslog # LOG_LPR lpr.* /var/log/lpr # LOG_NEWS news.* /var/log/news # LOG_UUCP uucp.* /var/log/messages # LOG_CRON cron.* /var/log/cron # LOG_AUTHPRIV authpriv.* /var/log/security # LOG_FTP ftp.* /var/log/ftp *.alert;local7.none;local4.none root *.crit;local7.none;local4.none /var/log/critical *.emerg;local7.none;local4.none /var/log/emergency *.warn;local7.none;local4.none /var/log/warn kern.warn;*.err;local7.none;local4.none;authpriv.none /dev/tty10 kern.warn;*.err;local7.none;local4.none;authpriv.none |/dev/xconsole