All Questions
82 questions with no upvoted or accepted answers
1 vote, 1 answer, 39 views
Check Mount Directory
I have a Raspberry Pi and have a microSD with Raspbian from which the system is loading and the HDD on which I write logs. I encountered such a problem that sometimes the disk falls off and the logs begin ...
1 vote, 0 answers, 518 views
Reading log files using logstash which rotates every day
I am reading a log file using the file input plugin in Logstash and sending these logs to Elasticsearch. The log file is rotated every day at 00:00. When I rotate the log file, the file is zipped and moved to a ...
1 vote, 0 answers, 568 views
Log correlation with syslog-ng patterndb
I'm trying to play with syslog-ng and patterndb and I am having trouble with log correlation.
The documentation on how to do it is here : https://www.syslog-ng.com/technical-documents/doc/syslog-ng-...
1 vote, 1 answer, 2k views
Redirecting the output of service in Ubuntu to Log files
I am on Ubuntu 16.04 and deployed a service in /etc/systemd/system.
The service file booster.service contains
[Unit]
Description = booster
After = network.target
[Service]
ExecStart =/opt/tech/...
1 vote, 0 answers, 911 views
'su root' succeeded for root on /dev/??? - SunOS logging
I have a log like this in /var/log/authlog :
<date> <server> su: [ID 366847 auth.notice] 'su root' succeeded for root on /dev/???
and in /var/adm/sulog
SU 12/12 11:13 + ??? root-root
...
1 vote, 1 answer, 1k views
Is there a way to send logs to a remote host in real time?
I've been experimenting with high-interaction honeypots lately. Unfortunately if an adversary achieves root access they could easily wipe the logfiles on a system, defeating one of the purposes of a ...
1 vote, 0 answers, 152 views
centos7 what is the best value of audit.rules
I am now suffering from audit: backlog limit exceeded.
I found some articles describing a similar situation, and they said to adjust the audit log count with audit.rules.
Here is my audit.rules
## This file is ...
1 vote, 0 answers, 28 views
Identify event that stalled server with GPU-applications temporarily
I'm running 4 intensive applications (training of machine learning models on GPUs) that regularly print information about how fast they're running on a Linux 14.04 machine. Strangely enough, the ...
1 vote, 0 answers, 505 views
Check to see if server is up
Create dir logs (for outputted logs)
Create a script IsTheServerUp.bash
Write a script to check if the server is up
Log(echo) the outcome to the file
Use curl command to check the server
Use ...
1 vote, 1 answer, 3k views
How to make my Windows system a Syslog server
I have my D-link router which can forward its logs to a syslog server. Now, I do not have any syslog server. Hence, I want to make my Windows machine a syslog server to get those logs from the D-link ...
1 vote, 0 answers, 345 views
How can I get exact same log file name in Rsyslog v-8
Previously I was using Rsyslog v-7.14 and having the template:
$template UDP-Logging, "/var/log/RemoteLogs/%HOSTNAME%/UDP-%PROGRAME%-%$now%.log"
if $fromhost-ip ! '127.0.0.1' then -?UDP-Logging
&...
1 vote, 0 answers, 534 views
Problems with the tomcat access-logs
I need your help.
I want to log the access on my Apache Tomcat web server on SLES 12.
It is running and logging normally. But when I visit the site, Tomcat is writing 8 lines into the ...
1 vote, 0 answers, 47 views
New Trisquel installation always at 100% CPU, log files grow very fast, graphical glitches, etc
About a week ago, I installed Trisquel on a rather old (2010-ish) computer, and ever since then there has been an issue which I had never found a solution for, but hesitated to ask for support ...
1 vote, 0 answers, 132 views
how to get this layout with multitail
I have a silly one for you
I know how to do this with multitail (multitail -s 2 -sn 1,2 A.log B.log C.log):
+-----------------------+------------+
| | |
| ...
1 vote, 1 answer, 1k views
rsyslog.conf: kern.err /dev/console. Where do these messages go?
There is a commented line in rsyslog.conf:
#kern.* /dev/console
If I add this line to the configuration file:
kern.notice /dev/console
Where do these messages go?
If I run this ...