Server :: Unable To See All The Logs Forwarded To Box?
Apr 19, 2011
We are forwarding logs (perl script executed logs) to one Red Hat Linux box. We have to get 97 logs each time the script runs, but we see an inconsistent number of logs coming to the Linux box: one time we got 56, another time 3, another time 43, and so on. We are sure that 97 logs are being forwarded. Checked the Rsyslog.config for any filters and couldn't see any filter dropping them. When we run tcpdump, we can see 97 connections, but the logs are not there in the specified location.
I did a port scan on my server from outside my network and saw that port 10080 AMANDA is open. Amanda isn't installed on any of my computers or my server and the port is not forwarded by my modem or router. So why is this port open and how can I close it?
One inconvenience I face now, though, is that I cannot tell if I have already forwarded certain messages or not, because the message is not automatically tagged as forwarded. How can I set it up so it would indicate in the list that the message has been forwarded?
I was able to get the a2ensite command to enable a virtual site because it says "Site xxxxx.com already enabled" when I run the command. My problem now is that even though a site is enabled it says this:
Code:
/etc/init.d/apache2 restart
* Restarting web server apache2
[Tue Apr 20 01:28:57 2010] [warn] NameVirtualHost *:80 has no VirtualHosts
[Tue Apr 20 01:28:57 2010] [warn] NameVirtualHost *:80 has no VirtualHosts
[Tue Apr 20 01:28:57 2010] [warn] NameVirtualHost *:80 has no VirtualHosts
[Tue Apr 20 01:28:57 2010] [warn] NameVirtualHost *:80 has no VirtualHosts
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
Should I do a chown or chmod to a file?
[root@itsupport ~]# service httpd restart
Stopping httpd: [FAILED]
Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
[FAILED]
I am facing the above error when I restart the service httpd.
I have my own internal bind9 server for my local domain, and I forward internal requests for public domains to OpenDNS servers. This server is not in a DMZ, but is instead behind a dynamic NAT. I do not accept queries from the public network, only responses. I understand that DNS is primarily a UDP protocol, so it can't pass through a stateful/NAT firewall without a firewall allow.
I've done a little reading and learned that bind9 does not run 53 <-> 53 anymore (it is now >1024 <-> 53), and modified my config so it works like bind4 did, but I am concerned that this makes me less secure. Additionally, I'd really rather not have a completely open 53 rule, but it seems that if I constrain 53 traffic to my known forwarders, it interferes with some of my network services like transmission. So, what firewall rules would you guys recommend for receiving forwarded DNS query responses to my server?
I managed to get my hylafax server nice and going, and I also set up AvantFax and Faxy to reach it from the web. What I still want to do is to send a mail from my BlackBerry device with a JPEG attachment, and have it forwarded as a fax to the recipient fax machine...
I read and saw some documentation here and there, but it is very confusing for me...
courier-faxmail seemed nice, but it conflicts with Hylafax.
Hylafax help support is unclear to me...
I'm not sure JPG attachments from BlackBerry are "standard" JPG, and I have no idea how to forward this as a fax...
From what I understood, I need to have a running mail agent on my server, and a script to forward this to hylafax.
I set up a freenx server and set up a client on the same machine, and now when I go to my logs it crashes and bugzilla save before it can crash. I go to send info and the page says bugzilla won't work and gives a 999 code. Need newer gnome??
I would like to monitor a RedHat via snmp. I would like to make data available via snmp. The data that I would like to graph is only present in log files. Is it possible to parse data from applicative logs and have it available for my cacti server via snmp? I already monitor CPU, mem, and others with cacti using the standard MIB. What would be the logical step I would need to achieve that?
I have RHEL4 running on an IBM X3550 server. When we request IBM support regarding issues with this server, they will request IBM DSA logs. The logs are quite extensive, cover almost all of the server config, and can identify hardware issues with drivers, etc. I want to know if there is a way to analyze those logs offline without sending them to IBM support?
I've managed to set things up to the point where I can start xclock with the PuTTY ssh terminal and have it show up as a window on my Windows client, rendered by the x-deep32 x-server emulator. I've tried issuing the command "kdm start" but no window with a window manager pops up.
How do I get this to work so that I can control my remote ArchLinux machine through my Windows client with the KDE window manager?
I was wondering how I could specify how long the logs will be kept. Rsyslog doesn't have such an option (at least I didn't find it). Do I have to use logrotate for this, or is there some other option?
How do I check mail logs for previous days? What is the command to check the log for yesterday in sendmail 8.14 on Fedora? I know /var/log/maillog; this gives output for today, but what about yesterday?
I am looking for security-specific event IDs on Linux. There are thousands of event IDs in Microsoft Windows XP, Vista, etc. In a similar way, I am looking for event IDs for Linux, Unix, Solaris, AIX, etc. I would like to correlate and implement them with ArcSight.
I am installing RHEL 5.5 to be a syslog server to collect logs from servers (HP-UX, Linux, Windows and Cisco network devices), and I can now collect logs from my Windows PC on the syslog Linux server by using the Datagram SyslogAgent software. can collect logs from HP-UX 11.23 server. I am configuring the Unix server as in the steps below:
1. Log in as root
2. Go to /etc/syslog.conf
3. Add a line: *.*<tab>@<Sentinel Server IP Address>
I ran a scan (clamscan -r --remove /home/) on my user's home directory yesterday & since I have so many users on my mail server, it takes a very long time to complete. I came back in this morning and realized that there were two infected files found during last night's scan:
I'd like to have logrotate compress the logs that are older than 3 days. Is this possible with logrotate, or do I just schedule a cron job to bzip everything under the folder older than 3 days?
I have been using Postfix since 2006 with no problems ever. Simple & rock solid; however, I was wondering what you guys use for monitoring all your email traffic and logs? Is there an application or utility you guys suggest using as a mail administrator to easily scan / view logs in an organized and clean view?
I've installed squid 2.7 stable9 in centos 5.4 x32 bit. I've installed and configured it successfully, and it's working fine. I want to clear up a few doubts, and for that your kind help is needed. In parallel, I've configured another server using binary rpms with the same squid version (2.7 stable9). I found that it creates a /etc/logrotate.d/squid for rotating log files (access.log, cache.log, store.log), which is properly rotating log files using the compress, dateext and size options (I manually added the size option).
But after compiling and installing from source code, it's not automatically created. I want to rotate the log files in the same way as it does when I install using binary rpms. The logfile_rotate entry below is present in my squid.conf file (in the source code installation scenario):
logfile_rotate 10
The logfile_rotate entry below is present in my squid.conf file, commented out (in the binary rpm installation scenario):
#logfile_rotate 10
I want to rotate the log files by size (as I have more than 200 users, these log files are growing very fast, i.e. approx. 80 MB per hour), with the compress and dateext options.
When I try to log in as me, it gets pretty far, but then something happens and it automatically logs out. This happens in GNOME and KDE too. Now, I have no problem logging in as root. Is there a way I can try to stop the login process before it kicks me out, or is there a way to look at some files to tell me what's going on?