General :: Enabling / Disabling Specific Priority In Syslog.conf?
May 11, 2011
Trying to figure out why the following two are treated differently...
Code:
*.warn;
kern.!=debug;auth.none;
authpriv.none;cron.none;mail.none;news.none -/var/log/syslog
and
[Code]....
According to man syslog.conf "You can specify multiple facilities with the same priority pattern in one statement using the comma (``,'') operator. You may specify as much facilities as you want. Remember that only the facility part from such a statement is taken, a priority part would be skipped."
Can someone confirm that this statement means that kern.!=debug is ignored in the first part because its priority is not the same as the trailing facilities ending in .none?
I'm installing fail2ban to improve the security of a home asterisk server which from time to time becomes the target of some sip account cracker and/or ssh brute force attack. For those not familiar with fail2ban, this utility monitors log files to find matches with user specified expressions to identify the presence of a brute force attack. Then configures iptables rules to block the offending IP. Here's an example:
Code: NOTICE[1734] chan_sip.c: Registration from '"613"<sip:613@xx.xxxx.xxx.xxx>' failed for 'yyy.yyy.yyyy.yyy' - No matching peer found
I have some init scripts that launch some daemons that I wrote. I want Linux to generate a coredump anytime something crashes. I activated coredumps in /etc/security/limits.conf by adding the next line:
* hard core 100000
After rebooting, I run ulimit -a and I can see that coredumps are not activated:
> root@computer:~# ulimit -a
> core file size (blocks, -c) 0
First, I checked if there is any file script on my system that deactivates coredumps (grepping ulimit -c 0), but I didn't find anything so far.
Then, I created a bogus c program..to double check if it's working, and I can confirm that it's not. The program is this
I am having a problem using my laptop's special keys to toggle my touchpad on and off on my ASUS G73JH laptop, running Ubuntu 10.10 (2.6.35-28-generic-pae).
First, some preliminaries:
My touchpad works just fine, but it does not respond to my laptop's special key, Fn+F9.
In /etc/acpi/events I have the following script, "asus-touchpad":
Code:
# /etc/acpi/events/asus-touchpad
# This is called when the user presses the touchpad button and calls
# /etc/acpi/asus-touchpad.sh for further processing.
How do you enable/disable the autostart of services? For example, let's say I know I'm not gonna use apache and mysql for a while and don't want it to autostart anymore, how do I disable it?
And then once it is needed again, how do you enable the autostart again?
I ran into this today: I accidentally turned on networkmanager and it took it upon itself to rewrite some things and proceeded to make any DNS lookups on my server, especially those reverse DNS for SSH and SFTP, take so long they would just time out instead of completing. Disabling networkmanager did not undo the damage either. Short fix: erase your resolv.conf file and add 2 lines to it as so, your nameservers!
nameserver xxx.xxx.xxx.xxx
nameserver yyy.yyy.yyy.yyy
Save, and run the following commands:
service network restart
service httpd restart
service sshd restart
Mine had a search line added by networkmanager and some others. When I reverted it back to as above, almost instantly after restarting the services the system's lookups were once again lightning fast. DNS lookups were taking upwards of 20 seconds for unknown reasons after this happened.
We want to know the following:
1) What is the difference between rtprio and priority in limits.conf?
2) How to apply changes in values of limits in limits.conf?
3) What is the value the system takes if it is not set in limits.conf?
4) What is the max/ideal value of each parameter, especially priority?
I have BT4 as an iso image and start it up by booting from CD. When I try the command root@bt~:startx it comes up with this fatal error. What can I do to get this to work? And of course I'm new at this.
Missing Syslog.conf file
First I installed VMware. I then installed Debian on a virtual machine, which appears to be running fine (except I have no network connectivity), but I digress. The real issue is that there is no syslog.conf in the etc directory or anywhere else.
OS: CentOS 5.4. I have a DNS server that is logging all named and dns requests to the chrooted named directory. By default named logs to /var/log/messages but I want to isolate all the dns queries and requests to separate files. I know I can add entries to /etc/syslog.conf to "roll" the logs and logrotate should pick them up, but I'm fuzzy as to the syntax. I don't know what "tag" to use in the first field. For example
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
I am looking for an open source syslog server which accumulates each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng, which is not fulfilling my requirement in Windows clients, as I need the logs of every action which the user performed after logon.
I need to ftp all of my Linux server files & folders through FTP Pro. But I can just login as /home/www user and I cannot login as super user, which is suitable for my case (as I want to see all of the files). How can I raise the priority of ftp such that FTP Pro can login to my Linux server as root user?
wants to remove everything else that (presumably) has syslog as a dependency. How do I replace the dependency on syslog with a dependency on syslog-ng?
I noticed in my system that my root partition is getting full. I found a lot of old compacted syslog files. Had a look at etc/sysconfig editor, e.g. cron, but could not find a setting which allows to delete files older than a month. Where and how could I influence this? I deleted manually all syslog files older than a month. Approx 6GB.
Code:
# ps
22355 pts/3 00:00:00 bash
#
# ps -l 22355
F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD
0 S 519 22355 22354 0 75 0 - 1338 wait4 pts/3 0:00 -bash
#
# ps -o pid,priority,command 22355
PID PRI COMMAND
22355 15 -bash
#
Why are the priority values of the process different? What is the difference? Is the value 15 the "nice" priority? Then, what is the value 75? Please, explain the difference of each result.
In an office network, how to queue incoming downloads so that later they will be scheduled by priority? Is there any such open source project/tool available? I have heard about squid proxy, but does it allow rescheduling?
I don't have any version or experience of Linux at the moment and I'm a bit of a neanderthal when it comes to computers. I'm trying to decide what version of Linux to use to reformat my other computer, bearing in mind my main priority is gaming. Which version would you think would be best?
I'm using two swap disks. Changing the order they are in, in /etc/fstab, and using "pri" in fstab doesn't have any effect. This is what it looks like /etc/fstab
#swap on other disk
UUID=90a1550c-84d6-4bde-8bc1-7c15292980f1 none swap sw,pri=-1 0 0
#swap on same disk
UUID=13b70e65-f1c3-4728-920f-9e92467d1df0 none swap sw,pri=-2 0 0
[Code]...
It's the opposite of what it is in fstab, and changes to fstab have no effect.
I have two custom tasks running daily. How do you give priority to one over the other? One of them is configured via the logrotate.conf. The other sits directly in cron.daily. I'd like the one in cron.daily to run after the script that is in logrotate. Please can you advise how to do this...
I want to record an internet radio station starting at 2:00am tomorrow morning. The specific program on the radio station lasts until 6:00am. The command I need to run to record the station is:
Code: mplayer http://wjcu.jcu.edu:8001/listen.pls -ao pcm:file=indie_heat_of_the_night.wav -vc dummy -vo null
I'd use cron, but 1. I'm not sure how to and 2. it seems unnecessarily complicated for something that I only want to run once. If cron is the only/easiest solution, I guess I'll just have to resort to that, but I'd rather not.