Questions tagged [syslogd]
The syslogd tag has no usage guidance.
40
questions
1
vote
1
answer
9k
views
Rsyslog forward logs cannot connect Permission Denied
Have configured Rsyslog to ship logs to a remote location through an SSH tunnel.
However rsyslog complains with "Permission denied":
rsyslogd[28412]: cannot connect to 127.0.0.1:10601: ...
0
votes
1
answer
7k
views
Getting logger to log to rsyslog in alpine
I installed rsyslog on my Alpine-based system to replace busybox syslogd. After completely disabling syslogd in openrc, enabling ryslog at boot and rebooting, all services correctly started logging to ...
0
votes
1
answer
286
views
How to append host IP address and host MAC addres to every log message?
I have several log agents with iptables logging rules and default rsyslog config. Rsyslog sends the logs to the central server.
Iptables rule:
iptables -A INPUT -j LOG --log-prefix "INPUT:DROP:" --...
0
votes
0
answers
1k
views
rsyslogd vs auditd? Are they alternatives or complement each other?
I see that both auditd and rsyslogd services are running (on my OpenSuse Leap 15 box). A quick google didn't give a good answer.
Are these services doing the same job? i.e. Could i get rid of one of ...
0
votes
1
answer
4k
views
Log messages containing a specific string to another file in rsyslogd
I want to save my log messages generated by iptables to another file via rsyslogd.
Currently I use this code from /etc/rsyslog.d/20-custom.conf:
# Log cron to cron.log and not to syslog
*.*;cron,...
2
votes
0
answers
561
views
MacOS - How to change syslogd's log level for a specific process/program?
I am new to MacOS and I would like to get a better of view of what's going on with a system process when my computer is starting up. I can see in the log that a process is changing settings, but the ...
0
votes
0
answers
216
views
Redirecting messages from syslogd
I'm currently using a CentOS 6 cluster which is having some issues on one node that is triggering a syslogd message:
Message from syslogd@node005 at Sep 7 14:23:04 ...
kernel: Uhhuh. NMI received ...
0
votes
1
answer
2k
views
What is the purpose of a "-" prefix to the log file path in /etc/rsyslog.d/50-default.conf and similar files?
Among others these lines appear in the file:
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
#...
1
vote
0
answers
786
views
rsyslogd: How to prevent logging in the /var/kern.log file and redirecting to another file?
I am trying to redirect iptables log to another file.
Based upon my reading on the net, I did the following:
In my iptables rule, I have rules like:
iptables -A INPUT -s ... -j LOG --log-prefix "...
2
votes
1
answer
2k
views
asl.conf doesn't take an effect on my enviroment OS X Yosemite
I'm trying to stop certain application's annoying logging, with no success so far. What I did is those things explained like in this question:
How to disable/ set logging level /preferences PER Mac ...
1
vote
1
answer
1k
views
Millisecond precision in syslogd on OS X
When I log messages to syslog in OS X (10.10.1), it truncates the timestamp to the second. If I log to a file, for example, I am able to capture milliseconds. Milliseconds matter when logs are coming ...
0
votes
1
answer
415
views
File monitoring using syslog
Can rsyslog, syslog-ng programs monitor change of file? I want to monitor files and receive the changes made to the file by syslog on server. Thank you.
1
vote
2
answers
5k
views
Stop syslog messages from being sent to all open terminals
We have a hardware problem on one of our servers, and the kernel is continuously spitting out messages like this:
kernel: EDAC MC0: UE row 0, channel-a= 0 channel-b= 1 labels "-": NON-FATAL ...
1
vote
0
answers
2k
views
Syslogd: hardware error
The machine has been sending these messages to the terminal, paired with beeps from the speaker on the motherboard. These messages appear every 5 minutes, sometimes naming CPU2, sometimes CPU3.
...
1
vote
1
answer
516
views
What does the - mean in this syslog configuration
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
So the docs indicate:
The ...
1
vote
0
answers
2k
views
Logging rssh/chroot SFTP users
I'm trying to log activity (uploads, downloads, renames, deletes) for SFTP users.
If I SFTP with a normal user, it logs to /var/log/secure.
If I SFTP with a rssh user, it logs that they connected, but ...
0
votes
1
answer
1k
views
Syslog cannot start
I run rsyslog on Ubuntu server.
after rsyslog starts, it restarts in a loop.
here is a piece of /var/log/syslog:
Aug 13 16:05:50 ip-10-92-237-215 rsyslogd: rsyslogd's groupid changed to 103
Aug 13 ...
4
votes
3
answers
4k
views
Disabling syslogd in FreeBSD
I'm running FreeBSD in a very small VM with about 1.5G of space. I'd like to disable syslogd to save disk space, but there is no entry for it in /etc/rc.conf. service -e shows that syslogd is indeed ...
1
vote
1
answer
3k
views
How to capture the remote [ rsh/rcp ] login events and information using syslog.conf
I am exploring ways to capture the remote login events in my Linux server [ Oracle Linux 5x ].
Many users are connecting to the server using rcp and rsh protocols , I wish to capture the events [ such ...
1
vote
0
answers
646
views
how to get logs in DD/MM/YYYY format and ipaddress format using rsyslog in ubuntu
Feb 4 10:32:57 master sshd[2070]: pam_unix(sshd:session): session opened for user root by (uid=0)
Feb 4 10:32:59 master sshd[2070]: Received disconnect from 192.168.0.107: 11: disconnected by user
...
3
votes
2
answers
9k
views
Redirecting output from syslog to own log
I'm following this tutorial: Using Fail2ban To Block Wrong ISPConfig Logins, but rsyslog won't redirect the output from a file to another:
/etc/rsyslog.d/12-ispconfig.conf:
if $programname == '...
1
vote
0
answers
102
views
Tag incoming syslog messages with source?
I'm running Mac OS X 10.7 server, with syslogd accepting remote syslogs on the standard UDP port. I just spent some time trying to debug a problem where I was getting messages in my log every 10 ...
2
votes
2
answers
3k
views
Configure a UNIX server to send its logs to a remote syslog server?
Is it possible?
If so, how is it done exactly? The syslog.conf file doesn't help too much.
2
votes
1
answer
1k
views
External drive causes spotlight and indexing errors
I'm having issues with an external drive. My computer is a new Macbook Air running Lion. I had an external drive hooked up today, including a TM backup, to get some files. I'm seeing the following ...
5
votes
5
answers
13k
views
How to disable/ set logging level /preferences PER Mac OS X application?
I find my Mac's syslogd "Cosole" logs become unusable when some badly written app (PathFinder.app in this case) incessantly spews into syslogd all day long.. I read somewhere that you could disable ...
0
votes
1
answer
353
views
syslog facilities
I have an application (in java) running in a Windows PC and I want to send logging messages to a syslog server running in a Linux box somewhere in the network.
The problem I have is, that it is not ...
5
votes
1
answer
4k
views
"Supervising" syslog-ng in htop
I was working at my server, when in htop I just noticed something unusual.
The syslog-ng process was listed as follows
supervising syslog-ng
/sbin/syslog-ng
I don't know what it means. I tried to ...
1
vote
1
answer
475
views
Capture and log to disk syslog remotely
I have a Windows XP machine. On this machine, I would like to view data sent by my Tomato router, which is running syslogd, which I can configure to send out syslog data instead of logging internally. ...
3
votes
1
answer
1k
views
Mac ASL: Unable to see my application's log messages
I have just added ASL logging support to my application (a compiled binary) but I cannot see any log entries using Console.app. I am logging with facility 'com.mydomain.myapp' (that's not the actual ...
0
votes
1
answer
207
views
syslog shell expansion
Is there an easy way to prevent the logging of commands run into syslog as post-shell expansion ?
I.e log a command of "ls *.log" as just that, rather than "ls a.log b.log c.log d.log" It makes ...
1
vote
0
answers
550
views
Running a remote syslog server
I have a Mac dev machine configured to forward certain syslog entries to a remote syslog host. It's configured to forward them to my Ubuntu server. The Ubuntu server currently has rsyslog installed (...
1
vote
0
answers
123
views
How can I run a command when a certain message is dumped to /var/log/messages?
I'm suffering under some bug that makes pulseaudio dump millions of messages in my syslog:
Oct 17 15:58:38 host pulseaudio[3757]: alsa-sink.c: Resume failed, couldn't restore original fragment ...
2
votes
2
answers
6k
views
Message from Syslogd
During a ssh session running a long rsync-job the system crashed and I received the following output in my shell:
Message from syslogd@x123 at Aug 21 13:42:05 ...
kernel:[1050642.629179] ------------...
2
votes
2
answers
928
views
Putting a remote syslog into its own file
I have a Tomato router and it has the capability to have its logs go to a external server. syslog is the obvious choice for this. So I enabled remote logging on my linux server's syslogd (syslogd -r) ...
3
votes
3
answers
6k
views
access windows log files from linux
I'm trying to remotely access windows log files from linux.
So far I've found two different approaches.
Install syslog server on windows machine and let windows send log files to linux, read those ...
1
vote
0
answers
165
views
Using syslog to monitor stopped services on Win2k
I am using a central syslog server to capture event logs from Windows machines.
I am specifically interested in monitoring Windows services. This works well under XP machines - each time a service ...
5
votes
2
answers
11k
views
auth.log is empty (Ubuntu)
The /var/log/auth.log file in my Ubuntu 9.04 is empty. syslogd is running and /etc/syslog.conf content is as follows. Any help? Thanks.
# /etc/syslog.conf Configuration file for syslogd.
#
# ...
11
votes
3
answers
22k
views
How do you enable syslogd to accept incoming connections on Snow Leopard from remote loggers?
How do I get syslogd to accept incoming connections from remote hosts on Snow Leopard?
I'd like to centralize logging such that various devices and systems send logs to Snow Leopard's syslogd, ...
3
votes
1
answer
6k
views
OS X Sending syslog to a remote box
For some reason I have a hard time wrapping my head around how OS X handles things like init, cron, and "normal" daemon maint. Too many years spent doing *nix work.
How do I configure syslogd on a ...
1
vote
2
answers
311
views
Understading the output of syslogd -d
Ubuntu
What is the meanding of 80, F and X in the following output of syslogd -d?
0: X X X X FF X X X X X FF X X X X X X X X X X X X X X FILE: /var/log/auth.log (unused)
1: ...