All Questions
235 questions
0 votes, 0 answers, 40 views
How do I log the execution of programs within a directory regardless of shell?
I'm curious when exactly a particular directory is being used and when it is loaded into memory. Is there a way to place a low-level hook in the Linux file system that says when a file with execution ...
-2 votes, 1 answer, 5k views
Rsync returns “such file or directory” when running command
I am new to Linux and I am using rsync in order to copy logs from one server to another, but the command I am running says directory not found. What is going wrong?
rsync -u -avze ssh /apps/container-...
0 votes, 1 answer, 4k views
Log messages containing a specific string to another file in rsyslogd
I want to save my log messages generated by iptables to another file via rsyslogd.
Currently I use this code from /etc/rsyslog.d/20-custom.conf:
# Log cron to cron.log and not to syslog
*.*;cron,...
0 votes, 1 answer, 90 views
Strip off previous lines in tail or less
I'm using tail -f or less +F to observe a changing log-file. I know from a certain point the lines I'm looking for are going to appear.
So all that garbage before that point I don't require and would ...
16 votes, 1 answer, 22k views
How to follow systemd unit log?
I have a running systemd unit and I want to follow its log.
I know I can show unit's log by using:
journalctl -u my_unit.service
But that only prints current logs without following them.
I know I ...
0 votes, 1 answer, 66 views
Are FTP connections and actions logged in REDHAT 7?
I am using a REDHAT 7 server through a VPN connection (with some other users). I want to know if FTP connections and operations are logged somewhere. I tried to look around /var/log but nothing seemed ...
2 votes, 0 answers, 561 views
MacOS - How to change syslogd's log level for a specific process/program?
I am new to MacOS and I would like to get a better view of what's going on with a system process when my computer is starting up. I can see in the log that a process is changing settings, but the ...
1 vote, 0 answers, 911 views
'su root' succeeded for root on /dev/??? - SunOS logging
I have a log like this in /var/log/authlog :
<date> <server> su: [ID 366847 auth.notice] 'su root' succeeded for root on /dev/???
and in /var/adm/sulog
SU 12/12 11:13 + ??? root-root
...
0 votes, 3 answers, 4k views
search in log from last hour
I need a bash script to search the log for the words Failed and failure, but only from the last hour.
cut -c 5- /var/log/mail.log | awk '($0 >= from)' from="$(LC_TIME=C date +'%_d %H:%M:%S' -d -1hour)" |grep -...
2 votes, 1 answer, 12k views
How to disable syslog messaging to /var/log/syslog
I'm working on a centralized logging solution using the ELK stack and Kafka.
I'm running Ubuntu Xenial on all the machines, and I'm using Rsyslog with omkafka to write all log messages to a kafka ...
1 vote, 1 answer, 1k views
Is there a way to send logs to a remote host in real time?
I've been experimenting with high-interaction honeypots lately. Unfortunately if an adversary achieves root access they could easily wipe the logfiles on a system, defeating one of the purposes of a ...
1 vote, 2 answers, 303 views
Filter lines if number of string occurrence found?
I need to filter and show log lines if the line contains exactly 2 commas and does not contain a specific string. Which Linux command do I need to use, awk or grep, and what is the expression?
For second condition ...
3 votes, 1 answer, 2k views
How to enable systemd's journal audit transport?
I have been studying logging on Linux but I have come to a roadblock that's got me stuck for the past few days. My goal is to forward logs from two Raspberry Pi 3s running OpenSUSE Tumbleweed (...
5 votes, 0 answers, 6k views
How do I get reasonable server-side NFS log output?
I was experiencing some problems with nfs-kernel-server on Debian stretch which I could solve by luck. Still, I learned that the log output was not of much help to me. I would like to change that to ...
1 vote, 0 answers, 152 views
centos7 what is the best value of audit.rules
I am now suffering from audit: backlog limit exceeded.
I found some articles describing a similar situation, and they said to adjust the audit log count with audit.rules.
Here is my audit.rules:
## This file is ...