CentOS 5 Server :: Rotating Named Logs Via Syslog.conf?
Mar 1, 2010
OS CentOS 5.4 I have a DNS server that is logging all named and dns requests to the chrooted named directory. By default named logs to /var/log/messages but I want to isolate all the dns queries and requests to separate files. I know I can add entries to /etc/syslog.conf to "roll" the logs and logrotate should pick them up but fuzzy as to the syntax. I don't know what "tag" to use in the first field. For example
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
Here is the logging section of my named.conf
# pwd
# /var/named/chroot/etc
logging
{
[code]....
Apr 1, 2011
I am using Cent OS 5.5 and I want to configure DNS, but while configuring bind I am getting the below error.
# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named:
Error in named configuration:
/etc/named.conf:57: open: /etc/named.root.hints: file not found[FAILED]
Aug 13, 2010
I've installed squid 2.7 stable9 in centos 5.4 x32 bit. I've installed and configured it successfully, it's working fine. I want to clear few doubts, for that your kind help is needed. Parallely, I've configured another server using binary rpms with same squid version (2.7 stable9). I found that it creates a /etc/logrotate.d/squid for rotating log files (access.log, cache.log, store.log). Which is properly rotating log files using compress, dateext and size options (I manually added the size option).
But after compiling and installing from source code, it's automatically not created. I want to rotate the log files in the same way as it is doing when I install using binary rpms. Below logfile_rotate entry is present in my squid.conf file (in source code installation scenario):
logfile_rotate 10
Below logfile_rotate entry is present in my squid.conf file, which is commented (in binary rpm installation scenario):
#logfile_rotate 10
I want to rotate the log files by size (as I've more than 200 users, these logfiles size increasing very fast, i.e. approx 80 MB per hour), with compress and dateext option.
May 13, 2010
I installed syslog-ng so I can receive remote logs. This is working, however since I disabled syslog on my syslog-ng server I am not logging in /var/log/messages, cron and some others (locally). I know this is because my syslog-ng.conf only references remote and not local. How can I edit the syslog-ng.conf file so that I can receive remote and local? I tried this, however when adding in portions of the default config, I only receive local and not remote logs anymore. I am forwarding my config.
# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But
[code]....
Jan 17, 2011
configure syslog server on Ubuntu, now I want to export logs of Windows and Ubuntu desktop to the syslog server
Sep 24, 2009
I'm running Ubuntu Desktop 9.10. How do I get it to forward its logs to a syslog server (it's running on a different machine)?
Oct 18, 2010
How does one configure an Ubuntu 10.4 machine to write its logs to a syslog server?
Oct 28, 2009
I've made a big update of almost 300Mb. I had a working DNS server. Now, when I boot the box, named works and it resolves all the clients. If I make any change (enter a new client for example) and of course I restart named (service named restart), named stops but does not start again!!! In order to get a working named, I'm obliged to reboot the box?
Mar 30, 2011
I was just looking around and did a tail on my syslog and some strange entries came up:
[Code].....
I'm a Verizon customer in Maryland, USA running Linux at my home and I don't understand why named is looking at servers in France and Saudi Arabia. Am I just being paranoid?
Jun 1, 2009
I've been scanning the apache2 docs for the past few days and have not come up with an answer to my following issue:
In my httpd.conf file, at the very end, I have the line
Include conf/vhosts/vhost_*.conf
However, when I run apache checkconfig or try to start apache, it gives me the error:
httpd: Syntax error on line 993 of /etc/httpd/conf/httpd.conf: Could not open configuration file /etc/httpd/conf/vhosts/vhost_1.conf: Permission denied
It appears as if the Include line is correct - in terms of it grabbing the first virtual host conf file. However, I'm confused on the permissions. The /etc/httpd folder is owned by root:root, as are the subfolders. As a test, I chown'd the conf/vhost folder combination and all the vhost files to apache:apache to see if that made a difference, and it appeared to make no difference at all. The log files don't contain anything (assumed because apache isn't starting). If I place the contents of the vhosts in a singular vhosts.conf it works - with the permissions set to root:root. I'd like to avoid having to use one vhosts conf for the configuration I'm trying to achieve - as it would make my life a lot easier.
Aug 9, 2010
I installed php-syslog-ng 2.9.8m in RHEL5 box. I saw logs from the local machine once the cron executes in every one minute. I don't need those to appear in my syslog console. I want to disable these from my linux box. How can I achieve this?
May 23, 2011
CentOS 5.6 Server patched to latest, multiple name-based apache virtual hosts. SELinux OFF. Everything was working fine until the other day. I've been making quite a lot of changes so it may well be something I've done, but I can't find out what! Last night I got the following in my logwatch : -
Requests with error response codes
404 Not Found
/admin/phpmyadmin/scripts/setup.php: 1 Time(s)
/admin/pma/scripts/setup.php: 1 Time(s)
/admin/scripts/setup.php: 1 Time(s)
/db/scripts/setup.php: 1 Time(s)
/dbadmin/scripts/setup.php: 1 Time(s)
[Code]...
The problem is that NONE of my logs, secure, httpd, messages, NONE of them, show any trace of these hacking attempts. They used to show up in secure and apache error logs, but no longer.
Feb 2, 2009
For remote syslog logging of the general log files, I set:
Quote:
How do I setup the remote syslog logging of apache logs? Do I just add a line in the httpd.conf file to for example ?:
Quote:
Jun 15, 2011
I've suddenly stopped getting emails from logwatch which runs on an Ubuntu server daily using cron. After a good day or so of troubleshooting, I was able to establish that it was the 'Service = named' line in my logwatch.conf file, which was stopping the emails from coming through. If I commented out this line, the logwatch emails come through with no issues, uncomment, and I don't get an email. I don't get any error from logwatch itself when I run it, even with '--debug high', leading me to think that my email configuration is setup ok, at least. Furthermore, I tried running logwatch with '--output file --format html' and logwatch produces a valid html file.
I then thought: "Could I have an entry in my Bind/named log files which could be rejected by my ISP's smtp server?". So, (to the best of my knowledge) I cleared out the log files in /var/log that contained messages from named. I then ran logwatch (including the named service in my logwatch.conf file) and I got an email through, with a pretty much empty named section, which is exactly what I anticipated. Great! - it's fixed.
So, the cron.daily ran early this morning, but still no email in my inbox when I got up. I then tried to run 'logwatch --Range today' and lo and behold, I got a logwatch report email, which included a named section, with log entries in there. So it seems that something that's been logged by named overnight to my logfiles (i.e. '--Range yesterday') has caused issues again with logwatch's ability to send reports through my ISP's smtp servers.
Jan 17, 2010
Currently I'm having a syslog server that consolidates firewall logs on port 514 udp. I'm also having an IDS device that I wish to push its logs to this particular syslog server so that I can retrieve my IDS logs on this server as well.
Is it possible to do so? Having syslog listening on port 514 for both firewall and IDS logs? If it is possible will the logs be recorded in a single log file? Or will it be recorded in a separate log file i.e. firewall.log, IDS.log etc? I wish to have them in separate individual log files or else there will be hard time segregating the log entries in a single file. Can anyone advise on how to achieve this?
Aug 23, 2010
I am searching for how I can configure syslogs/rsyslog to receive third party tools or softwares logs. For example I have a program that generates logs like when it is started and logs about its services, alerts if there are any alarms etc. I want to forward these logs using syslogs/rsyslog. Is there any possibility how I can achieve that?
Jun 1, 2011
I tried to install Syslog-ng-3.2.4 in CentOS 5.6, when I need to start the daemon syslog-ng => Failure and I have this message:
Code:
[root@RelaisXXX etc]# service syslog-ng start
Starting syslog-ng: Your configuration file uses an obsoleted keyword, please up
Your configuration file uses an obsoleted keyword, please update your configurat
Error creating persistent state file; filename='/usr/local/var/syslog-ng.persist
Starting Kernel Logger [FAILED]:
Jan 11, 2009
I open "man vsftpd.conf", it says:
syslog_enable
If enabled, then any log output which would have gone to /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO
So I add "syslog_enable=YES" to the /etc/vsftpd.conf, and add "ftpd.* /var/log/ftplog" into /etc/syslog.conf. But there is no log information in the ftplog file.
Nov 20, 2009
How to configure syslog server in CentOS?
Apr 29, 2010
I got CentOS 5.4 with LAMP. Installed Plesk, tried to configure it, and then error -
Quote: Unable to restart Named: dnsmng failed: dnsmng failed: dnsmng: Service /etc/init.d/named failed to restart
Oct 9, 2010
I meet problem on named service, I want to configure my DNS with bind... after I /etc/init.d/named status, this shows:
"rndc: connect failed: 127.0.0.1#953: connection refused
named is stopped"
Dec 20, 2010
Don't find box of BIND so I was posting into this box. I have some problem when I config bind DNS for my domain and then I can't start named, this's error message
[root@server1 named]# service named restart
Stopping named: [ OK ]
Starting named:
[code]....
Dec 11, 2010
I am looking for an open source syslog server which accumulates each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng which is not fulfilling my requirement in Windows clients, as I need the logs of every action which user performed after logon.
Aug 7, 2011
I have a dual-processor x86 box with CentOS 5 Linux 2.6.18-238.19.1.el5, mysql Ver 14.12 Distrib 5.0.77, and tons of storage space. I want to run a syslog solution on this box for a SOHO infrastructure. We've got routers, switches, Windows servers, other Linux boxes, etc. I've looked at syslog-ng, but it seems rather overkill, but I like the idea of storing logs in a MySql database. Is there anything I can yum install?
Mar 14, 2011
I have Red-Hat 5.6, bind package and chroot installed, but I did not find the file named.conf in /etc !!!
Sep 17, 2010
Missing Syslog.conf file First I installed VM Ware. I then installed Debian on a virtual machine which appears to be running fine. (except I have no network connectivity) but I digress. The real issue is that there is no syslog.conf in etc directory or anywhere else.
Aug 19, 2010
I'm reading about how to set log options and I can't find /etc/syslog.conf?
I'm using fedora12, ubuntu 10.04 and suse 11.2.
And can't find syslog.conf anywhere.
Aug 23, 2009
I have installed bind from the repos and am trying to setup a caching name server. After copying the stock name-cachinging.conf to named.conf, I tweaked named.conf to reflect my LAN:
options {
listen-on port 53 { 127.0.0.1; 192.168.1.102; };
listen-on-v6 port 53 { ::1; };
[code]...
Jun 17, 2009
I was studying for RHCE exam, and the only problem is I can't query these records from the same server. Every time I dig myself it digs the ICANA example website. But from another computer it works fine
[Code]...
Mar 15, 2010
I was checking my syslog.conf file recently and it seems that it is an empty file >_> it shouldn't be correct?