Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by facility (user, mail, kern, etc.) and severity (critical, emergency, informational, etc.). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
0
votes
0 answers

Syslog servers - what is "normal" throughput? (Windows vs Linux)

Working in an almost Windows-only company - and need to set up a syslog server receiving messages from our proxy, firewall and VPN appliances. For now we have decided to use Kiwi Syslog server, but quickly realized that with the default setting of…
rhellem
0
votes
1 answer

Unable to log with HAProxy

I've been following the instructions found here, https://www.haproxy.com/blog/introduction-to-haproxy-logging/, to setup our logging. As documented, I made an rsyslog config file, haprorxy_log.conf, and restarted rsyslog: # Collect log with…
SVill
0
votes
1 answer

How to stream some logs over TCP from rsyslog in Docker?

I need a very simple thing (for an integration test of a larger system, orchestrated by docker-compose): to set up a Debian-based Docker image with rsyslog inside, so that when it is run, rsyslog will emit some syslog messages over TCP to another…
stf
0
votes
1 answer

What is filling my /var/log/messages (db-k450-hd2-1 IngrianActivity)?

My /var/log/messages is getting full with the following logs and I can't figure out what is writing the logs. Any help would be much appreciated. Jun 13 00:12:28 db-k450-hd2-2 IngrianActivity: [2020-06-13 00:12:28] INFO 10.7.114.45 [-] - 205012001322…
0
votes
1 answer

docker logging container not reading docker logs

New to Docker... so got a few containers running and I want to run a logging container to collect all the logs up and send them to Rapid7. The Rapid7 container is working as it's sending stats to the remote syslog. BUT... it is not sending container…
Lee Hill
0
votes
0 answers

/var/log/messages not sending to the rsyslog central logging server

Everything else is being logged to the central rsyslog server but not the /var/log/messages of the rsyslog client. server: learn -> 192.168.1.100 client: server101 -> 192.168.1.200 From the rsyslog server: [root@learn ~]# ls -l…
vjwilson
0
votes
1 answer

How to send log from post-auth with FreeRADIUS?

I want to send a message to a remote syslog in the post-auth section. Simple string with "'%{User-Name}', '%{reply:Packet-Type}', '%{Calling-Station-Id}'" How do I do it with FreeRADIUS 3? Or... how to split logs by facility or priority?
eri
0
votes
1 answer

Separate JSON part of incoming log with syslog-ng by config

I'm receiving my log without any parsing: source s_network { network( transport(tcp) port(601) flags(no-parse)); }; My saved log has two parts: receiver information, JSON part of log (like below): Feb 18 00:01:58 82.172.112.1 <40>…
MHF
0
votes
1 answer

Log a message from Windows to a Syslog server (Wireguard)

I would like to know when a Wireguard client sets a tunnel up. So is it possible to do something like: PostUp=command_which_creates_a_syslog_event Because I don't see any other way to log when a client sets his tunnel up.
amrbcl
-1
votes
1 answer

After installing sysstat on an AWS EC2 instance: kernel: ena: Feature 27 isn't supported

After installing and enabling sysstat on an AWS EC2 instance I get the following log entries every time sysstat is run (from the cronjob in /etc/cron.d/sysstat) in my /var/log/syslog file on Debian: kernel: [95827.487657] ena: Feature 27 isn't…
manifestor
-1
votes
1 answer

(CRON) info (No MTA installed, discarding output) though no cron job is scheduled

In my /var/log/syslog file I can see the above log is entered every minute, though I have checked my crontab and found nothing configured there to run. My /var/log/syslog is as follows: And the crontab is as follows: Here I should mention that…
-1
votes
1 answer

syslog-ng | How to separate logs from different applications from one client without using different ports?

I have some Samba domain controllers and one central syslog server. All of them are running the latest syslog-ng and SUSE Leap 15. Every log from Samba, Winbind and Bind/Named should go to the central syslog server in a separate file. Until now, I…
MHABK
-1
votes
1 answer

syslog for netstat to get number of connections from each IP range

I have a server which keeps on receiving requests from two other servers from different IP ranges. I need to know how I can set up a cronjob which keeps on checking the number of connections made by each server every second and keeps on updating the result…
-1
votes
1 answer

syslog-ng: how to get the content of the logs and rewrite to header

The requirement is to extract the IP address inside the raw log and put it in the syslog header. Tried different ways but not able to get it to work, any idea? I've tried using regex but it seems $1 $2 are not working after I put the flag
-1
votes
1 answer

Syslog messages not being received at central server

I have a central Syslog server (Windows Server 2012 R2) running Kiwi Syslog server that isn't receiving logs from a client (CentOS 7). The client's rsyslog.conf configuration looks like this: *.info;mail.none;authpriv.none;cron.none …
willbo