Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by a facility (user, mail, kern, etc.) and a severity (critical, emergency, informational, etc.). These messages are then usually processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
0 votes, 1 answer

Logging only written on old [filename].1 log files

My log is not written to the correct log file, for example syslog, mail.log, mysql.log, auth.log, but for some reason the latest events are written to these old log files: syslog.1, auth.log.1, mail.log.1. They are huge files because of their previous…
sg552
0 votes, 1 answer

SSH Failed password login - log password

Today I checked the log of my sshd and I have discovered tons of lines like: Oct 12 Oct 12 12:31:34 my_user sshd[15324]: Failed password for invalid user admin from 104.194.25.135 port 2683 ssh2 Oct 12 12:31:37 my_user sshd[15324]: Failed…
pedr0
0 votes, 1 answer

Cisco CGS2520 switch to reveal MAC address when port goes active?

Is there a way to have a Cisco switch reveal the MAC address of a device via Syslog when it is plugged in? I get messages that a device is connected, but there isn't a lot of detail: Sep 9 12:50:51 10.9.8.7 6531: *Sep 9 12:47:50: %LINK-3-UPDOWN:…
mgjk
0 votes, 1 answer

Understanding ntpd entry in syslog

Does anyone know what this entry in syslog means: static1 ntpd[2397]: 2a00:xxxx:xxxx:239::2 interface 2a01:xxxx::xxxx:xxxx:fe70:a40c -> (null) (I've replaced some of the values with xxxx) Thank you
UpTheCreek
0 votes, 1 answer

Different log file per postfix instance

How can I set a custom log file for each postfix instance? Specifically, I need to identify entries generated for different instances of postfix, and it would be better for the tooling if each instance had its own log file in a different folder. It…
Natan
0 votes, 2 answers

Not getting anything written to my log files in ubuntu

I am not getting any logs in auth.log, kern.log, syslog or any other log files on my 12.04 ubuntu server. There is also no rsyslog.conf if it should be there by default. rsyslogd is not running as well. How can I debug this & get the log files…
Rajat Gupta
0 votes, 2 answers

max open files - why is there no error?

I suspect that one of our server applications has hit its max open file limit. The application is running in user-space with its own account. The init-script starts a large number of processes which in turn start a number of sub-processes and a…
Nils
0 votes, 2 answers

Find syslog priority/severity of a message

Is there a way to find the syslog priority or severity of log entries using a standard unix tool? For example I could grep for the word error in a log. But not all logs will state the word "error" should an error occur. It would be nice to find all…
user92227
0 votes, 1 answer

same filter works in rsyslog but not syslog

I have the following filters on a new cPanel server with rsyslog to forward logs to a central log server (using rsyslog), but these filters didn't work on an older cPanel server with syslog. I don't see any errors after restarting syslog. if $syslogtag contains…
garconcn
0 votes, 1 answer

corrupted syslog messages

On one of the servers running 64-bit Debian Lenny, I can see from time to time corrupted kernel messages in the syslog file. They look OK in dmesg: usb-storage: device found at 21 usb-storage: waiting for device to settle before scanning but in…
pQd
0 votes, 1 answer

syslog, kernel.warning and iptables innerworking

I'm tinkering with my iptables logging at the moment. So I got my syslog to use another log file with tips from the web. Basically you end up changing some chains and rules plus an extra line in the /etc/syslog.conf kern.warning …
0 votes, 1 answer

Syslog info from vmware hosts to graylog are not collecting correctly

I have a Graylog syslog server running on Debian, running fine. I wanted to send syslogs from our VMware ESX hosts to Graylog. I point an ESX host to the syslog by doing the following: I open vSphere Client and selected my host. And then I select…
Logman
0 votes, 1 answer

Wireshark - Capture syslog traffic from local workstation

I am using Wireshark version 1.10.3 on Windows 7 x64 Enterprise. I am trying to capture all outbound UDP traffic, in particular syslog traffic. I have tried a capture filter UDP, but all I can see is DNS and NTP traffic. I have used the following…
dmckenna
0 votes, 1 answer

Syslog-ng how to get domain names instead of IP address

How can syslog-ng get the domain names instead of the IP addresses that I received? I'm able to get that information but as IP addresses; I would like to get the DST/HOST as domain names instead of getting IP addresses.…
Jien Wai
0 votes, 0 answers

software to view logs on remote server

I have configured a syslog server on my Linux machine like this: Linux Machine (syslog client) --> Linux Machine (syslog server). I have configured it and it's working properly. Now, the problem is I want to look at the logs located on the remote server in…
Tarun