All Questions
21
questions
0
votes
0
answers
77
views
Omada Controller and rsyslog
I am totally new to rsyslog so please be gentle ;)
I have an Omada TP-Link controler, that manages all my clients AP across the region.
Everything works fine, I am trying to implement public Wi-Fi ...
0
votes
0
answers
752
views
How to configure rsyslog to use the imfile module?
I have Red Hat 9.2 with rsyslog v8.2102.0-113.el9_2.1.
I use default /etc/rsyslog.conf and a custom configuration called vums.conf located in /etc/rsyslog.d/.
module(load="imfile")
input(...
- 15
2
votes
0
answers
210
views
Log file name based on application with syslog-ng
I'm using syslog-ng and currently my config only separates log files based on ip address and facility:
source s_network_udp {
syslog(transport(udp) port(514));
};
destination d_local {
file("...
- 93
0
votes
0
answers
368
views
How to Forward /var/log/yum.log to Remote Logging Server using rsyslog.conf?
Gents,
I am trying to find a way to forward /var/log/yum.log towards Remote Logging Server using rsyslog.conf in my RHEL7. But Not happening.
I have tried this approach but no luck -
$InputFileName /...
- 69
0
votes
1
answer
1k
views
Changing security levels of Fortigate logs?
Tech newbie here.
I want to send Fortigate logs to a syslog server. Previously, I was receiving way too many unnecessary firewall logs, 90% of them with a security level of "notice." I have ...
user1703909
1
vote
1
answer
11k
views
How to read from syslog?
I can write to syslog via:
logger "foo bar baz"
but how do I read from syslog? my only guess is:
tail -f /var/log/syslog
but that doesn't seem right from my testing.
Note: also looking for a way ...
- 1
1
vote
0
answers
563
views
Log correlation with syslog-ng patterndb
I'm trying to play with syslog-ng and patterndb and I am having trouble with log correlation.
The documentation on how to do it is here : https://www.syslog-ng.com/technical-documents/doc/syslog-ng-...
- 11
0
votes
0
answers
67
views
Linux log grows large, resets, does it again
Am running Ubuntu 18 and don't have a ton on their for apps. The hardware is setup with one 120gb SSD as root/boot and the rest of the drives as 2 pair of raid drives where media files, etc... reside.
...
- 113
1
vote
1
answer
3k
views
The log files are empty
I found out that my /var/log/messages is empty!
Also my /var/log/auth.log is also empty!
Also it is not logging any messages.
My /etc/rsyslog.conf file is as follows:
# /etc/rsyslog.conf ...
- 181
2
votes
0
answers
557
views
MacOS - How to change syslogd's log level for a specific process/program?
I am new to MacOS and I would like to get a better of view of what's going on with a system process when my computer is starting up. I can see in the log that a process is changing settings, but the ...
2
votes
1
answer
12k
views
How to disable syslog messaging to /var/log/syslog
I'm working on a centralized logging solution using the ELK stack and Kafka.
I'm running Ubuntu Xenial on all the machines, and I'm using Rsyslog with omkafka to write all log messages to a kafka ...
- 171
4
votes
1
answer
2k
views
How to send log entries to a remote server running journald (systemd)
I have an iot module running a firmware that has the capability of sending the logs to a remote syslog host. I've already configured it to send the entries to an Ubuntu Server running rsyslog.
I'd ...
- 143
0
votes
1
answer
7k
views
rsyslogd: how can you use $ModLoad imfile more than once?
I am testing out Loggly.com, which uses rsyslogd to collect log entries. Loggly provides scripts that generate config files. Each config file starts with $ModLoad imfile, however this seems to only ...
- 165
1
vote
0
answers
345
views
How can I get exact same log file name in Rsyslog v-8
Previously I was using Rsyslog v-7.14 and having the template:
$template UDP-Logging, "/var/log/RemoteLogs/%HOSTNAME%/UDP-%PROGRAME%-%$now%.log"
if $fromhost-ip ! '127.0.0.1' then -?UDP-Logging
&...
-1
votes
1
answer
89
views
Linux RedHat - Logging await
How can I create an await log for the devices /dev/emcpower*1.
The log should be in the pattern of:
Aug 23 10:00:11 /dev/emcpowera1 2.96
Aug 23 10:00:11 /dev/emcpowerb1 2.91
Aug 23 10:00:13 /dev/...
- 186