I was wondering how could I specify for how long the logs will be kept. Rsyslog doesn't have such an option (at least I didn't find it).Do I have to use logrotate for this, or is there some other option?
View 1 RepliesI try to log all my iptable logs to mysql instead just a logfile. The setup is as followed:
[Code].....
[red]Problem[/red] rsyslog logs everything correct, except it does not log to db, it logs to /var/log/messages. As I am brand new to the whole Linux experience, I don't get it. My /etc/rsyslog.conf is setup with $ModLoad onmysql.
I am searching that how i can configure syslogs/rsyslog to receive third party tools or softwares logs. For example i have a program that generates logs like when it is started and logs about its services, alerts if there are any alarms etc. I want to forward these logs using syslogs/rsyslog. Is their any possibility how can i achieve that
View 2 Replies View RelatedFor internal security reasons I need to prevent ourmcat logs from writing to the webserver local disk. We set up a separate logging server with rsyslog and need to pipe the log data to it.I am trying to work out how to configure tomcat to send all log data to the logging server via the rsyslog client (running locally) via a named pipe. We are on CentOS 5.6, Tomcat 6 and rsyslog 5.8.1. I need to know: 1) do we use the default logging library or log4j2) where is this configured in the tomcat config3) is there any code that would need to be written to achieve this
View 1 Replies View RelatedWe want to begin centralizing our system logs to a dedicated server, using a daemon that is flexible and offers more features. After some research, I decided to give rsyslog a whirl (versus syslog-ng).roblem has come down to compilation errors which, unfortunately, I've not been able to resolve otherwise (rsyslog forums) and it appears this is a larger problem with the product. So before I begin making another decision, I wanted to get some input from others here.Here is a snippet of the errors:
Code:
/usr/local/src/rsyslog/rsyslog-5.4.0/runtime/queue.c:1291: undefined reference to `ATOMIC_SUB'
[code]...
I have set up one Fedora 10 server.I found that rsyslog service is running on Fedora 10 server.How to configure rsyslog on Fedora 10 to collect the log from Cisco ASA5510 ?
View 2 Replies View RelatedAfter struggling and googling on the internet I can't manage it to work.I have stup rsyslog to receive the logging from my firewall and it puts it into the syslog file.ut I would like to have a separate logfile for these messages.I have created the firwall.log file with owner syslog, same as for the syslog file.I already have tried to use in the /etc/rsyslog.d/10-firewall.conf the following ::msg, contains, "firewalld" /var/log/firewall.logor
:msg, contains, "firewalld" -/var/log/firewall.logI don't know the difference between the "-" sign in the lines but I have seen also those kind of situations.
I also have put this line into the 50-default.conf file because I thought it wasn't seeing the 10-firewall.conf file but no work.I have added a $template HostMessages, "/var/log/%HOSTNAME%/logfile.log" in the /etc/rsyslog.conf file but neither it works.In the firewall I can see the Syslog facility is now on LOG_LOCAL0 and I can change it from LOCAL0, LOCAL1, LOCAL2, ... until LOCAL7What does these different numbers mean
We are facing problem of to many file open error because of that application become slow and in tomcat catalina log we get following error frequently Jul 6, 2009 12:27:57 PM org.apache.tomcat.util.net.JIoEndpoint$Acceptor run SEVERE: Socket accept failed
at java.net.PlainSocketImpl.socketAccept(Native Method)
at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:384)
at java.net.ServerSocket.implAccept(ServerSocket.java:453)
[code].....
no file limit,file descriptor limit for 300 user of tomcat application server and also oracle database server?
I am using slackware 13 and openldap 2.4
with webmin.
whenever I start my server i get following error "root DN missing".
when I try to create root DN I get error "unable to create object class".
where do we define object classes?
I'm trying to create a group called Domain Users, that will include several other groups that are populated with users inside of the LDAP database. In the LDAPdatabase, for a group entry, there are memberUid entries that can be filled. When I try to use another "Group" name, it just lists that name and not the people in that group. So if group "A" has Jim, John, Sue, and I include group "A" in the memberUid of the Domain Users group, I want that to reference the people in that group, not the group name. Testing access right, having the group name listed in "Domain Users" group, does not grant user access under the group rights on a directory. Should be simple, but I don't know the syntax to use for this reference.
View 2 Replies View RelatedWe are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
View 3 Replies View RelatedI would like to monitor a RedHat via snmp. I would like to make available data via snmp. The data that I would like to graph are only present in logs file. Is it possible to parse data from applicative logs and have them available for my cacti server via snmp? I already monitor CPU, mem, and others with cacti using the standard MIB.What would be the logical step I would need to achieve that?
View 1 Replies View RelatedI Have RHEL4 running on IBM X3550 server, we request IBM support regarding issues with this server, they will request for IBM DSA logs. The logs are quite extensive and cover almost all server config & can identify hardware issues with drivers...etc. I want to know if there is a way to analysis those logs offline without sending them to IBM support?
View 3 Replies View RelatedHow to get the Q2 patching logs of particular server (Linux 2.6.9-100.EL)
View 1 Replies View Relatedhow to find logs in hp-ux server why it get unexpected shut..down is any hardware failure or or its been hard boot
View 3 Replies View Relatedhow to check maillogs for previous days. wht is command to check log for yesturday in sendmail8.14 .fedora os i know /var/log/maillog.this gives o/p for today but wht abut yesturday.?
View 10 Replies View RelatedIam looking security specific event ID on Linux .hear are thousnds of event ID in Microsoft Windows/XP and VISTA etc. Similar way looking for Linux,unix ,Solaries,AIX etc event ID. I would to correlate and implement with Arcsight.
View 2 Replies View RelatedWe are forwarding logs (perl script executed logs) to one Red Hat Linux box. We have to get 97 logs for each time the script runs. But we see inconsistent number of logs coming to Linux box. Like one time we got 56, other time 3 , other time 43.. like this.. We are sure that 97 logs are being forwarded. Checked the Rsyslog.config filer any filters and couldn't see any filter dropping them. When we run the tcpdump, we can see 97 connections, but logs are not there in specified location.
View 1 Replies View Relatedhow to setup logs in Vsftpd? I have default configuration in CentOS but its not log`ing
View 1 Replies View RelatedSince Port 80 and 443 are the only ports I have open, how is it that an IPAddress can hit my server yet not appear in ANY logs ?
View 9 Replies View RelatedI am installing RHEL 5.5 to be a syslog server to collects logs from servers (HP-UX, Linux, Windows and Cisco Network Devices). and i can now collect logs from my windows PC on syslog linux server by using Datagram SyslogAgent software. can collect logs from HP-UX 11.23 server. and i configuring the Unix server as in the steps below:
1. Log in as root
2. Go to /etc/syslog.conf
3. Add a line: *.*<tab>@<Sentinel Server IP Address>
*.* @10.15.1.5
4. Save and Close
# netstat -na | grep 514
tcp 0 0 *.514 *.* LISTEN
udp 0 0 *.514 *.*
[code]....
i am monitoring access log messages in squid proxy server,can it possible to get date,time,day in access logs is it possible
View 2 Replies View Relatedconfigure syslog server on ubuntu now i want to export logs of windows and ubuntu desktop to the syslog server
View 6 Replies View RelatedIs there any way to delete squid proxy access logs. e how can the access logs be deleted
View 6 Replies View RelatedI ran a scan (clamscan -r --remove /home/) on my user's home directory yesterday & since I have so many users on my mail server, it takes a very long time to complete. I came back in this morning and realized that there were two infected files found during last nights scan:
Code:
----------- SCAN SUMMARY -----------
Known viruses: 847768
Engine version: 0.96.4
Scanned directories: 23114
Scanned files: 1066439
Infected files: 2
[Code]....
Say that a certain server process generates log files and names them according to the current date; e.g.
server.nov-20.2010.log
server.nov-21.2010.log
server.nov-22.2010.log
server.nov-23.2010.log
i'd like to have logrotate compress the logs that are older than 3 days. Is this possible with logrotate, or do i just schedule a cron job to bzip everything under the folder older than 3 days?
I have been using Postfix since 2006 with no problems ever. Simple & rock solid however I was wondering what you guys use for monitoring all your email traffic and logs? Is there an application or utility you guys suggest using as a mail administrator to easily scan / view logs in a organized and clean view?
View 1 Replies View RelatedI am done with installing cron jobs for performing rebboting operations, now my requirement is sending the bootlogs to an email address.
View 1 Replies View RelatedI've installed squid 2.7 stable9 in centos 5.4 x32 bit. I've installed and configured it successfully, its working fine. I want to clear few doubts, for that your kind help is needed. Parallely, I've configured another server using binary rpms with same squid version (2.7 stable9). I found that it creates a /etc/logrotate.d/squid for rotating log files (access.log, cache.log, store.log). Which is properly rotating log files using compress, dateext and size options (i manually added the size option).
But after compiling and installing from source code, its automatically not created. I want to rotate the log files in the same way as it is doing when i install using binary rpms. Below logfile_rotate entry is present in my squid.conf file (in source code installation scenario) logfile_rotate 10 Below logfile_rotate entry is present in my squid.conf file which is commented (in binary rpm installation scenario) #logfile_rotate 10 I want to rotate the log files by size (as I've more than 200 users, these logfiles size increasing very fast, ie. approx 80 MB per hour), with compress and dateext option.
How to get logwatch working with shorewall logs. I tried fwlogwatch but could not get that working.
View 1 Replies View Related