How do I keep my Amazon Linux EC2 instance /var/log/messages from being filled with dhclient and ec2net messages?
This just involves telling the logging system to ignore messages from dhclient
and ec2net
. Edit the /etc/rsyslog.conf
file, and after the #### RULES ####
line and before the lines defining logging for the other files, add these two lines:
:programname,isequal,"dhclient" ~
:programname,isequal,"ec2net" ~
The ~
indicates "don't log this" per the rsyslog.conf
man page.
Then, run service rsyslog restart
to have the system restart the logging daemon.
For Amazon Linux 2, rsyslogd has been updated to support the somewhat more intuitive "stop" keyword, so you can use these lines instead:
:programname,isequal,"dhclient" stop
:programname,isequal,"ec2net" stop
And restart the service with systemctl restart rsyslog
.
Related videos on Youtube
Admin
Updated on December 02, 2022Comments
-
Admin over 1 year
On Amazon Linux in AWS's EC2 service, it uses a very short DHCP lease time, meaning that
/var/log/messages
gets lines in it every couple of minutes from thedhclient
andec2net
services. How can I exclude those from logging, so any important log messages don't get lost in the noise (and while it's not that much disk space, it just seems like a waste, and extra logging to Cloudwatch Logs that I don't really need). Presumably, if I end up running into trouble with it getting an IP address, I can turn the logging back on (if I can get back onto the box at all).These kinds of messages are the ones being repeated every couple of minutes:
Jun 8 09:14:49 server-name dhclient[2206]: PRC: Renewing lease on eth0. Jun 8 09:14:49 server-name dhclient[2206]: XMT: Renew on eth0, interval 9900ms. Jun 8 09:14:49 server-name dhclient[2206]: RCV: Reply message on eth0 from fe80::my:link:locl:addr. Jun 8 09:14:49 server-name ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/0a:91:b3:my:mac:addr/local-ipv4s Jun 8 09:14:49 server-name ec2net: [rewrite_aliases] Rewriting aliases of eth0 Jun 8 09:14:49 server-name ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/0a:91:b3:my:mac:addr/subnet-ipv4-cidr-block
-
Admin over 5 yearsThis doesn't work for me. I thought it might be because the program name seems to include the pid. Eg. it is 'dhclient[2206]' rather than just 'dhclient'. However, using startswith instead of isequal didn't work for me either.
-
Admin over 3 yearsIt doesn't work for me either on 'Amazon Linux release 2 (Karoo)'. rsyslogd version is 8.24.0-52.amzn2.
-
Admin almost 2 yearsIt worked for me on a current version of Amazon Linux 2 of June 2022. I only added
:programname,isequal,"dhclient" stop
and restarted the service as described above.