Got a Ubuntu system. Have a device on my LAN that can send Syslog messages.
I would like to:
1. Capture these specific syslog messages.
2. Keep them separate from any other syslog activity on the Ubuntu system.
3. View these syslog messages later.
I've just configured my Linksys RVS-4000 router to syslog messages to remote syslogd server (i.e. my CentOS5 machine). Redirecting messages was easy, but now I'm having difficulties to redirect those same messages received from Linksys to a separate log file. By default, all these messages are logged to /var/log/messages, and after browsing manual pages for syslog, syslog.conf, and syslogd, came to suspect that what I want isn't possible.
View 1 Replies View RelatedI wrote a script which will run in ubuntu box and will display in tty1, without loading the gdm. The problem is when I plugged in a usb drive it will cause some messages to be printed into the current tty user logged in.
Like : [sdb] Assuming drive cache: write through
This is really disturbing when a user is running the script. Is there anyway that I can direct all the messages to some other tty which I don't use.
What is the easiest way in Linux to convert syslog messages to XML?
View 1 Replies View RelatedI want read the log messages to my 'c' application , i am using the fedora core 8 operating system , how to read the system log messages(syslog) through my application.
View 3 Replies View RelatedIs there a way to send syslog messages through SNMP? I'm not finding much info online around this. A co-worker said it was easy to do. RHEL5.5
View 1 Replies View RelatedI have the following BIND messages filling up my SysLog that I'm hoping someone can explain to me:
Code:
Dec 9 09:35:44 dns2 named[30103]: client 67.130.224.5#49551: query (cache) 'www.domain.com/A/IN' denied
Dec 9 09:35:47 dns2 named[30103]: client 67.130.224.5#64561: query (cache) 'www.domain.com/A/IN' denied
[code].....
I would expect this behavior if "domain.com and anotherdomain.com" wasn't a domain that I hosted. But this is a valid domain that this server should be answering for. In my named.conf I do have the
Quote:
allow-query { any; };
option on every zone. This is my slave server and I have the primary shut off so I can test this slave server. FYI: So far queriers still seem to be working. The pages for the sites are still coming up via the internet.
I am facing an issue with my syslog server. The server is collecting remote log also. and the issue is no log messages are updated in /var/log/messages file. But other files are getting updated.
[root@Server1 ~]# cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
[code]....
On this Ubuntu 8.04.4 LTS server, I want to log the messages from a Linksys router. So I made this change to "/etc/init.d/sysklogd" SYSLOGD="-r" Then in "/etc/syslog.conf" I added the following to the top of the file: Code: if $fromhost isequal 'Linksys' then /var/log/Linksys.log & ~
Then I rebooted the server. But there is no "/var/log/Linksys.log" file.
I am facing a problem while trying to log SSH messages in a separate file, say, /var/log/ssh_logs. I have tried modifying the syslog-ng.conf file as follows:
filter f_ssh { facility(auth, authpriv) and match("sshd[[0-9]+]:"); };
destination d_ssh { file ("/var/logs/sshd_logs"); };
log {
[code]....
But still I am not able to get the ssh logs in the new file. They continue to go to /var/log/auth.
I have my system set up to where the router(dd-wrt) will send it's syslog messages to my Linux PC system. I am using shorewall as my firewall. I have two questions: How can I configure shorewall to allow the messages from my router? If I use my router IP address to allow the messages to come through the firewall, will this be a great security risk as anything from the internet can come through on that router ipaddress?
View 1 Replies View RelatedRHEL 5.4 i want to be able to do redistribution of inbound syslog messages to syslogd. as example, my syslog.conf has in it at the end:
*.* @192.168.5.5
*.* @192.168.5.6
my sysconfig/syslog file has "-r" as the only option for syslogd. any messages generated by the localhost will be sent to the two remote servers, but messages that come into this box (udp 514) only get logged locally and do not get sent out to the remote hosts.
you may ask why do i want to do this. because i have several syslog servers (for security purposes) and many of my net devices are configured to send syslog to all the syslog servers, hence each device is sending way too much duplicate udp-514. so i would like to minimize the udp-514 coming out of the devices, have all devices send to a central syslog server, and then central syslog server do distribution to the other syslog servers. others have also called this "syslog proxy". or, if not with syslogd, how to achieve this (preserving the original syslog message host info, etc)?
I'm getting 10000000's of syslog messages :
"eth0: PHY reset until link up"
- I have wireless and don't normally use an ethernet cable. From Googling round I found this bug report https://bugs.launchpad.net/ubuntu/+s...ux/+bug/270184 which appears to match the problem, however I do not feel happy/competent enough to recompile the driver as suggested in the bug fix. Is there a way to configure the driver so that it only tries the eth0 connection a limited number of times? This is Ubuntu 8.04 2.4.26-27 and SIS 191 chipset
What i'm trying to accomplish seems rather silly but is needed for my little project here.
I'm using OpenSuSE 11.2 as a media center PC and need it to login automatically(console not X). That one i accomplished without problems.
However, after login i can see all the info about the services that were started and that needs to "go away".
One could do a "clear" in the .bash_rc and or .bash_profile but it will still show the login prompt which i don't want to see either (i don't even want to see the blinking cursor as well).
Question: How do i accomplish that so that the login console shows only the "splash screen" without any output of the kernel,rc.status nor the "issue-file"... just a plain blank screen ?
I need to be able to send snmp traps based on certain severity or content of syslog messages. Can this be done from standard linux? Alternatively, are there MIB's out there that support syslog events so I can get the status from snmp?
View 1 Replies View RelatedGNOME has adopted the pulseaudio infrastructure and it has grave errors reading from ALSA sinks. One of the many effects is that every 2 or 3 seconds a 3 line error message is written to the syslog to the effect of 'ALSA woke us up...blah blah blah' and it is filling up everyone's syslog. What I need is a workaround to just stop these messages from being written so I can level set and figure out a long term course of action.
View 2 Replies View RelatedI'm running a cobalt raq550 web server (Linux version 2.6) and I want to install a syslog program on it, something that could log messages and send me an instant email in response to certain messages it receives. Is there such a program?
View 6 Replies View RelatedI wish to prevent the samba messages (mainly nmbd and winbindd) from appearing in the system log (/var/log/messages). I want to allow samba logging to the standard samba logfiles, but prevent the syslog getting clogged up by samba. I added syslog = 0 to smb.conf and reloaded the config but the messages were still appearing. I also tried the following (and restarted the syslog via /sbin/service syslog restart) # Suppress messages from samba.
nmbd.* /dev/null
smbd.* /dev/null
winbindd.* /dev/null
For interests sake the messages I'm getting are below (I'm not concerned about the messages themselves, I can chase them up at my leisure via the samba logs) Mar 18 09:58:29 SERVER nmbd[3808]: query_name_response: Multiple (2) responses received for a query on subnet xx.yy.z.zz for name DOMAIN<1d>. Mar 18 09:58:29 SERVER nmbd[3808]: This response was from IP xx.yy.z.zz, reporting an IP address of xx.yy.z.zz.
I noticed there're lots of "usb 3-1: reset low speed USB device using uhci_hcd and address 2" warnings in two of our server's syslog. They occur roughly every 20min. The server is a Dell R710 with CentOS 5.4 X86_64 installed. I suspect it's the virtual CD device of the iDrac6 but not sure. How Can I identify which USB device triggering these warning? The related syslog is as following:
Code:
Apr 13 23:32:47 bak2 kernel: usb 3-1: reset low speed USB device using uhci_hcd and address 2
Apr 13 23:42:44 bak2 kernel: usb 2-3: USB disconnect, address 3
Apr 13 23:45:53 bak2 kernel: usb 2-3: new high speed USB device using ehci_hcd and address 4
[code]....
I have a syslog server which is logging locally and also receiving syslogs from another device. The other device doesnt allow you to change the facility. The facility it is using is "4 - security/authorization messages". Is there anyway to configure syslog so that it writes the sec/auth logs in different places for both the local machine and the remote machine?
View 1 Replies View RelatedI need to capture from my webcam. It has a mic too.I can specify video input device as /dev/video0.I specified input audio device as /dev/dsp2 ( OSS device, corresponding to USB Webcam), Now VLC throws an error, "VLC is unable to open the MRL 'alsa:///dev/dsp2'. Check the log for details".Thinking it wants an alsa device, I specify device as /dev/snd/pcmC2D0c. (got it from kinfocenter and dolphin). Now again an error, "VLC is unable to open the MRL 'alsa:///dev/snd/pcmC2D0c'. Check the log for details.".I try with any device, the same error. I have added myself to audio device so that I can read/write to the mentioned devices.I see no way of switching VLC to use OSS. And I see no information (documentation on net) on it's expected device listing for audio.
View 5 Replies View RelatedI have been trying to get tvtime or any tv package to work with my Pinnacle PCTV HD usb but I have not had success. I have correctly installed every driver imaginable. So, here is what it what it comes down to: When I open tvtime it says "cannot open capture device /dev/video0" and the screen is blue. But my usb PCTV HD stick is NOT /dev/video0 so the question is how can I get tvtime to look for the usb tv tuner rather than video0?
View 9 Replies View RelatedI'm trying to view the output of a dv firewire capture device (advc-100) fullscreen through vlc. I've read of people being able to do this but a detailed explanation of how eludes me.
I'm running Ubuntu 10.10 and VLC 1.1.4
The error message I'm given after trying to open through 'media>open capture device>play' is;
Quote:
Your input can't be opened: VLC is unable to open the MRL 'v4l2:///dev/ffc1/'. Check the log for details.
(and I can't find the log)
I'm not even sure if I've got the device name right so I ran lspci from the command line which gave the following output (and I still can't work out what it is);
Quote:
[ 0.008410] ... event mask: 000000000003ffff
[ 0.014418] ACPI: Core revision 20100428
[ 0.020016] ftrace: converting mcount calls to 0f 1f 44 00 00
[ 0.020023] ftrace: allocating 21756 entries in 43 pages
[Code].....
I have video capture device "MSI vox USB 2.0", every thing seem to be fine, but none of tv applications show the device, they just show my webcam "/dev/video0"
It's driver is "em28xx" from "v4l2"
I test it with "mythtv, tvtime, xawtv, kdetv, me-tv, v4l2-tool, vlc, mplayer" none of them work detect the device, expect mplayer open a green window with time out message.
The device work fine under windows I test it with vlc-win
lsusb show:
Quote:
dmesg | grep em28xx show:
Quote:
Quote:
So i did:
Quote:
then:
Quote:
Quote:
Quote:
I've made a lot of progress getting my easycap 2.0 usb capture device to work with ubuntu 10.10. I've got the picture up any everything works great. But about a minute into the stream it just freezes, I need to go into "playback" and either pause then play, or click "next", it then refreshes and works again for another minute or so. I'd believe it if someone says faulty hardware because the easycap is cheap, but I don't think that's the case. Additionally, is there any way to set VLC so that when I open it, it automatically opens with my video capture device (/dev/video0) so that I don't have to go into the options and change it every time?
View 1 Replies View RelatedTrying to install the drivers for my blackmagic intensity pro capture device and I cannot get the driver to install I get an error in the ubuntu software center saying:
There seems to be a programming error in aptdaemon, the software that allows you to install/remove software and to perform other package management related tasks. Please report this error at [URL] and retry.
Details:
Traceback (most recent call last):
File "/usr/lib/python2.6/dist-packages/aptdaemon/worker.py", line 768, in simulate
return self._simulate_helper(trans, status_path)
File "/usr/lib/python2.6/dist-packages/aptdaemon/worker.py", line 851, in _simulate_helper
size = int(deb["Installed-Size"]) * 1024
ValueError: invalid literal for int() with base 10: ''
I have the latest ubuntu fully up-to-date.
I'm getting some jitter when capturing via RCA or S-Video from an em28xx device. Input type is PAL, other than that I haven't fiddled with mplayer or vlc's options (vlc only sees the RCA input, mplayer sees both)
View 1 Replies View RelatedI have two sound devices, an internal audio device on my motherboard and an external USB devices, which came with my headset. After upgrading to 11.4, the microphone on my headset ceased to work with my softphone. As it turned out, the softphone used the standard input device, which was defined in the Phonon tab in the KDE System Settings. Unfortunately, when I put the USB Device on top of the default input stack, it doesn't stay there. When I apply the changes and leave the Phonon tab or even enable "Show advanced devices " the stack always resets to its initial order. I was unable to find any kind of config file where Phonon saves this settings.
View 4 Replies View RelatedIn Ubuntu 9.10, I was successfully able to use my Pinnacle Dazzle DVC 100 (a cheap USB analog video capture device). I use it for backing up old video that is stored on tapes, and it isn't working with my current install of Ubuntu 10.04. When I plug the device in, it should be detected and the em28xx module should be loaded. This fails and /var/log/messages has the following:
Code:
Sep 25 16:13:18 kernel: [1196215.111898] usb 2-2: new high speed USB device using ehci_hcd and address 20
Sep 25 16:13:18 kernel: [1196215.266097] usb 2-2: configuration #1 chosen from 1 choice
[code]....
I'm making an attempt to install drivers for my easycap dc60 USB video capture device. Someone was good enough to make a driver project on sourceforge. Problem is I cannot get it compiled.
Code:
Building
make[1]: Entering directory `/home/jan-bart/Download/easycap_dc60.0.4/src'
make -C /usr/src/linux-headers-`uname -r` M=/home/jan-bart/Download/easycap_dc60.0.4/src modules
make: Entering an unknown directory
make: *** /usr/src/linux-headers-2.6.31.8-0.1-desktop: No such file or directory. Stop.
make: Leaving an unknown directory
[Code]...