Questions tagged [logging]

Recording activity on the system (or of a particular program) for later reporting and analysis. Logins, logouts, web server page requests, etc might all be logged.

2851 questions
7
votes
6 answers

Windows firewall logging. Log file is always blank

I have read many similar articles and posts on how to enable Windows firewall logging. I have a Win2k8r2 server without any Active Directory, DC, domains and other complicated stuff. Almost all of these articles reference GPO and enabling it. The…
kseen
7
votes
2 answers

rsyslogd: Any way to get around the number of local facilities?

We have about 9-10 appliances we want to direct the logging to our rsyslog server for. However, there's only 8 local facilities (0-7). How can we get around this limitation?
Belmin Fernandez
7
votes
3 answers

Remote Desktop failed logon event 4625 not logging IP address on 2008 Terminal Services server

When I use the new remote desktop with ssl and try to log on with bad credentials it logs a 4625 event as expected. The problem is, it doesn't log the ip address, so I can't block malicious logons in our firewall. The event looks like this:
Zone12
7
votes
3 answers

Avoid logging of certain missing files into the Apache2 error log

I'd like to avoid logging some missing files (that give a 404) into the Apache2 error log. I want to do this on an Eclipse update site for my plugin. Problem is that the Eclipse P2 code tries to access its metadata files like content.xml,…
Peter Štibraný
7
votes
3 answers

How can I remove IP addresses from log files after some time

I have an apache/nginx/whatever web server which logs client IP addresses to the access logs. Now these log files are rotated via logrotate. I want to keep the IP addresses for some days, then after 7 days, I want to remove the IPs from the log…
Michael Siebert
7
votes
8 answers

how to write a script that only acts on new log entries

I feel like this should be a simple thing but I am having a hard time figuring it out. I am trying to write a script that will monitor one of the apache log files and take some specific action. But how should I go about monitoring the log…
karmet
7
votes
1 answer

UFW logs blocked request on open port, what am I missing?

Nov 29 15:17:15 hostname kernel: [397768.554884] [UFW BLOCK] IN=eth0 OUT= MAC=[mac] SRC=[ip] DST=[ip] LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=17050 PROTO=TCP SPT=56152 DPT=80 WINDOW=65535 RES=0x00 ACK FIN URGP=0 As I understand it, there was a…
Markus Hedlund
7
votes
7 answers

How to find "growing" files inside a linux system

I have a server that is constantly losing disk space so I reckon there must be some logs that I'm not aware of. What is a good way to locate files that are constantly increasing in size?
Tike
7
votes
3 answers

Cronjob stderr to file and email

I need my cronjobs to still continue to output errors in some files, but I also want them to be emailed at the same time. That doesn't seem to be possible without some tricks. I found this but it didn't help me. What would be the most simple way to…
Bastien974
7
votes
4 answers

pfsense log file retention

We have a pfSense firewall in our datacentre. By default, pfSense is only storing 500K of firewall filter logs, which is only a few hours for us. How can I increase this? pfSense uses clog rather than the usual BSD newsyslog. I only want the log…
Colin Pickard
7
votes
5 answers

Force Dovecot not to log connect/disconnect messages

My /var/log/mail.log gets constantly flooded with Dovecot connect/disconnect messages like this: Mar 29 18:15:48 summit dovecot: IMAP(foo@bar.baz): Disconnected: Logged out bytes=63/2126 Mar 29 18:15:50 summit dovecot: imap-login: Login:…
squircle
7
votes
5 answers

Recommended software for a Centralized logging server?

I'd like to centralize logging for all my servers. Server operating systems include Windows 2003, 2008, Ubuntu and Redhat. I think Splunk is too expensive; has anyone set up something like this using open source or reasonably priced software? …
7
votes
1 answer

rsyslog filters on message contents and facility

I have found examples of how to filter based on the contents of a log entry with rsyslog. But is there a way to do this so it is only filtering on the contents of a certain facility? For example something like: if local0.* msg contains "foo" But…
Kyle Brandt
7
votes
5 answers

Log LDAP access of the Active directory

I am looking for a method to log LDAP access of an Active Directory domain controller. I want to be able to log the username and source IP address access to both 389, and 636 (encrypted). A simple packet capture would get me the source IP, but…
Zoredache
7
votes
5 answers

Is centralized logging a good idea?

Right now, my organization has a solution comprised of 10+ components, and some have a log file per thread. Since files are rotated hourly, tracking all of this is a chore. Is centralizing all logging to a specific machine (using rsyslog or…
Bruno Antunes