Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by a facility (user, mail, kern, etc.) and a severity (critical, emergency, informational, etc.). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
0
votes
2 answers

syslog or splunk forwarding over the internet

I have a web application that is split over a couple of sites in the US and the UK. When we have issues I would like to be able to view the collated error logs from the 2 sites. So I was thinking about doing this: 1) setting up a Splunk server at each…
Tom
0
votes
2 answers

What would be an appropriate title for a position focused on system logging?

I am interested in any training involved with system logging, log catching, network device logging, log extraction, log analysis, log presentation... and so forth. I am looking to focus on all things involved with system monitoring and alerting, as…
MattUebel
0
votes
1 answer

how do you convert this syslog-ng cfg to rsyslog?

How do I convert the following to rsyslog syntax? filter local2 { facility(local2); }; filter not_local2 { not facility(local2); }; destination server2 { tcp("server2" port(1111)); }; destination localhost { file ("/var/log/local2.log");…
user30199
0
votes
4 answers

Can you recommend a good GUI (X, Java, web-based, or curses-like console) for syslog and other Linux logs?

I am looking for a convenient tool to view and manage my Linux (Debian, postfix, dovecot, iptables, etc) server logs. Would you, please, share your choice and experience?
Ivan
0
votes
0 answers

Issue Getting Rsyslog TLS Configuration Working

Overview I have a server that receives Syslog data from external clients, and I do not have administrative access to these clients. The goal is to move the existing configuration to data in transit encryption by implementing TLS for Syslog on TCP…
g9s0x1
0
votes
0 answers

Split logging on rsyslogd

My goal is to send all logs to one source remote and still log local but then send all the AuditD logs to its own source on port 20002. But for some reason, my auditd logs are still ending up with my syslogs going to port…
Jason
0
votes
1 answer

Ssh messages do not output to a pipe configured in syslog.conf

I have configured a pipe in syslog.conf for auth.* to capture the ssh syslog error and status messages. I have then a python script that processes this pipe's input and I check that we receive something by writing the content of the pipe to a…
A Mere
0
votes
0 answers

Add mac address in rsyslog template

I am trying to add system/device mac address in syslog. No solution is working for me. Following command gives me mac address, just wanted to use in rsyslog template. mac_addr=$(ifconfig en0 | awk '/ether/ {print $2}') template template(name="tpl3"…
0
votes
0 answers

Disable Cisco Router syslog messages

I am trying to disable syslog messages from showing in my cisco 1kv tty. The conundrum is terminal monitor has a single command to set the logging level #logging terminal , and if I choose anything above informational I will get all of the…
Omera
0
votes
1 answer

rSyslog stopped sending only SOME data

I have configured remote logging from one of my servers to the central log server via rsyslog TCP/SSL. Everything worked fine until yesterday, when most of the files just stopped being transmitted while some are still sent/updated in the log server. I…
Mr.P
0
votes
1 answer

Understanding Samba VFS Operations for Full Audit

We have a TrueNAS System running TrueNAS-12.0-U8 for which we are required to log all successful and all failed file access attempts for a specific SMB share. The Samba version is 4.13. Per guidance from the vendor, I've included the below in the…
sardean
0
votes
1 answer

Postfix logging to syslog even though it's excluded

Ubuntu 22.04 and postfix 3.6.4 Postfix config is set to use syslog_facility=mail, and I have modified /etc/rsyslog.d/50-default.conf to the following *.*;mail,auth,authpriv.none -/var/log/syslog mail.warn …
Brett A.
0
votes
1 answer

Syslog-ng enable TCP framing

I'm trying to send file entries as messages via TCP, where syslog-ng is in a container and it is sending to another container. I've had two different attempts both with problematic behavior. The first configuration: @version: 3.31 source s_file { …
Omri. B
0
votes
0 answers

Unexpected ubuntu server down

I am using an Ubuntu Server 16.04 LTS running ISP config that is hosted on VMware ESXi. I experienced an unexpected shutdown issue, and I'm trying to identify the source. Upon checking the logs, I was unable to see the logs prior to the problem. The…
divya
0
votes
0 answers

Crontab I have tried cronitor airplane nothing helps

my crontabs do not run, sys log gives me this, Jan 6 08:30:02 joe-sbc-flt1 CRON[102851]: (joe) CMD (/home/joe/scripts/watchit.sh) I have no idea what it means or what is wrong, can anyone help?