Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by a facility (user, mail, kern, etc.) and a severity (critical, emergency, informational, etc.). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
0
votes
1 answer

Configuring 'audit' facility in syslog-ng on solaris server?

This is a follow-up to this question. mghocke was kind enough to help me out with that question, but this is really a separate question, therefore a new post. I really don't know a lot about syslog, and am trying to move away from syslogd to…
coding_hero
0
votes
1 answer

How to process, transform and re-send 1000req/sec log entries from syslogd?

I currently have two machines that receive about 1000 HTTP req/sec both and generate a log entry on every request. This log is centralized on a syslog daemon running on a different machine. For reasons not really relevant, I will need to have those…
0
votes
2 answers

What is the "facility" of SnapGear SG560 System Log Syslog

My SnapGear (now McAfee) SG560 (firmware Version 4.0.10) has a "remote system log" feature, which can send syslog-type data to a host in my network. It's working, but writing to /var/log/messages. I'd like it to store this information in a different…
Felipe Alvarez
0
votes
1 answer

On Solaris, how to log IP when using winbind auth and invalid user?

This is on Solaris 10 sparc platform. I'm trying to make our denyhosts script block the dictionary ssh attacks. Unfortunately, the logging does not show an IP when the user name is invalid. We are using winbind module in pam.conf. If I intentionally…
labradort
0
votes
1 answer

Opensource log correlation application - an alternative to SEC?

Is there an open-source log correlation application? I know only SEC[1]. The best would be if the application could work in clustered setup and would understand even structured logs, not only free-text logs (like those from syslog). [1]…
jirib
0
votes
1 answer

syslog - log line classifications

A very generic question; in the context of a programmer, with operational aspect of the process (program) in mind. Is there any sort of best-practice / guide to classify messages, particularly in the context of SaaS / multi-tenancy (server) software…
CodeMedic
0
votes
3 answers

How to configure JBoss AS 7 to log to syslog?

How do I configure JBoss to log to syslog?
Carl Hörberg
0
votes
2 answers

log forwarding performance and OS bottleneck

How many logs/second can usually be handled by syslog servers? By syslog servers, I am referring to rsyslog, syslog-ng, splunk etc. The intent of the question is to find out at what logs/second rate the OS (Linux kernel >=3.0) becomes a bottleneck. …
user837208
0
votes
2 answers

Redirecting Syslog events from RHEL 6 to RHEL 5: is it possible to provide with the same event format?

For some reasons, we redirect syslog events from RHEL 6 (with rsyslog) to RHEL 5 (with syslogd). On RHEL 6 in rsyslog.conf: *.* @10.30.46.211 On RHEL 5 in /etc/sysconfig/syslog: SYSLOGD_OPTIONS="-r -m 0" On RHEL 6, the event looks…
user54614
0
votes
1 answer

Sending multiple loglines (mysql-slow.log, php5-fpm.log.slow) to syslog

I'm trying to aggregate several sources of error messages into one place, to more easily put things into context. I'm currently looking at rsyslog, but I can change this - if it's preventing me from doing what I want to do. My problem is, how can I best…
Kvisle
0
votes
1 answer

shrinking a syslog sql database

I am trying to shrink a SQL database used for our syslog monitoring. The DB is about 43GB right now, and I'm sure hasn't been cleaned up in years. I recently inherited this DB when someone quit, and I'm not sure how to even access it or clean it up.…
user44650
0
votes
1 answer

Change syslog log file's owner/group?

Is there a way to have syslog create a log file that's not owned by root? I've got several jboss application servers that I've got logging to a server. Everyone's running CentOS. Right now, all of the logs are going to 'somelog.log' and it's owned…
David
0
votes
1 answer

Remote Logging for Syslog

I'm trying to set up syslog to accept remote logging. I already have changed the config file and set up the syslogd with "-r m 0" to accept remote logging. Now I need to change the /etc/services file. I know it needs to be: something…
jim
0
votes
1 answer

Odd Postfix message right before system crash/freeze. What does it mean?

I just had my web server lock up on me, it stopped serving pages and wouldn't accept any SSH connections. I was able to reboot this server through the control panel Linode provides. Below you'll see the last few entries in the syslog before the…
PHLAK
0
votes
1 answer

Zenoss - Performance issues with captured events

The problem: I'm manually inserting events into Zenoss through the zensendevent command line tool. The events are successfully inserted into Zenoss. The problem is that I can just insert about 8 events per second. I have also experimented with…
Tiago Alves