All Questions
235 questions
0 votes, 1 answer, 39 views
Linux user logs bad encoding (Fedora 39)
Hello guys, I have this weird formatting in my user logs, anyone know where it is coming from?
Thanks.
G�O`��NMESSAGE=17:19:31.502 › did-navigate-in-page�2�R��� ��\�Ek�D��F���Y$#+y���=��8@9 9�...
0 votes, 0 answers, 77 views
Omada Controller and rsyslog
I am totally new to rsyslog so please be gentle ;)
I have an Omada TP-Link controller that manages all my clients' APs across the region.
Everything works fine, I am trying to implement public Wi-Fi ...
0 votes, 0 answers, 46 views
TACACS+ accounting using linux client
Is it possible to log all commands executed in the Linux machine to a TACACS server?
0 votes, 0 answers, 752 views
How to configure rsyslog to use the imfile module?
I have Red Hat 9.2 with rsyslog v8.2102.0-113.el9_2.1.
I use default /etc/rsyslog.conf and a custom configuration called vums.conf located in /etc/rsyslog.d/.
module(load="imfile")
input(...
0 votes, 1 answer, 29 views
How to figure out why os stalled
I'm guessing it was either a disconnected ssd running the os, or the power supply unit, an uninterruptible power supply that is old. Because I was moving the ssd around within the desktop at the time, ...
2 votes, 0 answers, 210 views
Log file name based on application with syslog-ng
I'm using syslog-ng and currently my config only separates log files based on ip address and facility:
source s_network_udp {
syslog(transport(udp) port(514));
};
destination d_local {
file("...
0 votes, 0 answers, 368 views
How to Forward /var/log/yum.log to Remote Logging Server using rsyslog.conf?
Gents,
I am trying to find a way to forward /var/log/yum.log towards Remote Logging Server using rsyslog.conf in my RHEL7. But Not happening.
I have tried this approach but no luck -
$InputFileName /...
0 votes, 1 answer, 91 views
How to get log info to STOP going to console in Ubuntu 22
I have no idea what is causing this but I just did an update and upgrade and now I'm getting all kinds of info going to the terminal.
Here are some simple examples from sudo invocation, an anacron, ...
0 votes, 1 answer, 293 views
Does Windows have something like journald on Linux?
I have a Windows 10 installed as main OS on a machine. When I installed it fresh it would boot in like 5 seconds, but as time passed and new updates got installed, the boot times became slower and ...
0 votes, 1 answer, 92 views
How to disable gz backup history of logs?
In the /var/log directory from time to time different backup log files are saved, some ending in .1 .2 .3 and .gz. How can I configure the system to generate a single log without making backups but at ...
0 votes, 1 answer, 462 views
Find log files under multiple directories and compress each file with its own name and date
I have multiple directories like below and I want to compress each file in place.
/var/dir1/logs/logfile.log
/var/dir2/logs/logfile.log
/var/dir3/logs/logfile.log
I want to use find and tar with ...
0 votes, 0 answers, 1k views
How to list users logged via remote desktop(xrdp) and ssh on Ubuntu
I'm using some shared Ubuntu machine and using the who, w, last commands doesn't print any users, just my own user. Issuing reboot prints a list of users logged in via xrdp.
Is there a command that can ...
0 votes, 0 answers, 95 views
journalctl entries are logged using the same time, in 5minute intervals
I have a service which queries a database every second and prints out results to console. When I look at journalctl I get a couple hundred lines that all have the same timestamp, and then the next ...
0 votes, 1 answer, 1k views
Changing security levels of Fortigate logs?
Tech newbie here.
I want to send Fortigate logs to a syslog server. Previously, I was receiving way too many unnecessary firewall logs, 90% of them with a security level of "notice." I have ...
0 votes, 2 answers, 75 views
Prevent application (iscsiadm) logging to dmesg?
I have an issue where running sudo iscsiadm -m discovery -t st -p IP -l logs to dmesg across all terminals on the server.
The command is run from a java application, using:
Runtime.getRuntime()....
39 votes, 1 answer, 3k views
Accidentally deleted log file of running process `python something.py 2>&1 | tee .log`. Is there a way to still save the output on the tmux-pane?
Accidentally deleted log file of running process python something.py 2>&1 | tee .log. The script is running in a tmux pane on zsh. The process is still running but not logging. The output ...
0 votes, 1 answer, 1k views
How to Forward Windows Print Log to Syslog
I want to collect logs from various machines (Windows and Linux) to a centralized log server. The log server has been configured and is listening on port 514 tcp and udp for logs in syslog protocol.
I ...
2 votes, 1 answer, 28 views
Automatically switch to new rotated log
On Debian I monitor nginx logs with the tail command:
tail -f /var/log/nginx/access.log
but since at midnight access.log is rotated (access.log is renamed as access.log.1 and new access.log is created), ...
1 vote, 2 answers, 476 views
Continue ddrescue from a corrupted log file
I ran ddrescue a few days ago in my 180GB partition, but after 3 days (and 99.91 % rescue and in phase 3 the last time I checked) the system froze, so I powered off the computer by keeping pressed the ...
1 vote, 0 answers, 313 views
ufw logs BLOCKS from 2 sites while BLOCK logging is completely disabled for ALL sites
Logging is enabled. Only allow rules are logged. The very last line of my firewall rules is:
Anywhere DENY Anywhere
No logging is asked for, however two IPs repeatedly show ...
0 votes, 1 answer, 151 views
Debian 10 - OpenSSH-Server How to redirect user login info to a different logins file?
Debian 10 + OPENSSH-SERVER 7.9
I have a remote server that connects to my local server every minute and in the local server's syslog, every minute I have:
Oct 11 18:22:01 localhost systemd[1]: Started ...
2 votes, 1 answer, 1k views
Configuring journald.service to log its own debug_log messages
I have a Linux server that is rotating its logs every hour or so, and I'd like to understand why.
I noticed that journald itself contains debug logging, like this, that might explain it. But I checked ...
1 vote, 1 answer, 585 views
how to get print of ssh user logged in by password?
I want to know if it is possible to get the hash key fp from the ssh diaries for the ssh user login with a password, not a key. I see public key login keyprints recorded in the file, but no passwd ...
0 votes, 1 answer, 92 views
What could be a list of important configuration files and logs file on a Linux system that deserve to be monitored by a SIEM? [closed]
I am not a system engineer and not a security expert (I am more a software developer) but I am working on a project related to a SIEM installation (Wazuh). At the moment this installation has only a ...
0 votes, 1 answer, 1k views
prevent kernel message which appears on terminal screen /dev/tty1
Kernel debug level message
watchdog : BUG: soft lockup - CPU#0 stuck for 22s!
appears in my console(/dev/tty1) and I am trying to prevent it.
I tried following 3 methods but none of them worked:
I ...
11 votes, 1 answer, 10k views
How to stop journalctl showing audit logs and only keep it in a file?
I would like to have all auditd logs only in its own log file and keep my journalctl view less polluted with events that, most of the time, are generated by my own actions (single-user/personal ...
0 votes, 0 answers, 104 views
How to edit file inplace
I am writing some logs in a file using logging module
#filename : demo.py
import logging
#other imports as well
logging.basicConfig(filename="myfile.log",
format='%(...
-1 votes, 1 answer, 231 views
Is this kind of log system harmful to the hard disk?
Recently I'm learning web development and I found the applications will write their running logs into /tmp/appname/logs/a.log or /tmp/appname/logs/a.log.1 with the following format:
{"message&...
1 vote, 1 answer, 8k views
How to get “failed login attempts since the last successful login” count as a variable?
When I log in to a server I see:
Last failed login: Fri Jul 17 12:47:01 CEST 2020 from 111.222.333.444 on ssh:notty
There were 2713 failed login attempts since the last successful login.
Last login: ...
1 vote, 0 answers, 24 views
squid - logfile based on source
According to some googled documents, I am trying to set up per-host logfile to exclude some requests from access log, but to keep these requests in different logfile. My related config in squid.conf:
...