Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by facility (user, mail, kern, etc.) and severity (critical, emergency, informational, etc.). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
-1
votes
1 answer

Which Nginx log file is for fail2ban?

I have files in /var/log/nginx/ the log file /var/log/nginx/access.log is empty. But the /var/log/nginx/access.log.1 is being appended as always. In file /etc/fail2ban/fail2ban.conf, logtarget = /var/log/fail2ban.log In the file…
dotslash
-1
votes
1 answer

IPtables log only some drop connections

I have these rules: -A INPUT -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7 -A INPUT -j DROP But this logs every DROP that occurs like IPTables Packet Dropped: IN=eth0 OUT= MAC=XXXXXXXX SRC=192.168.100.11…
Christopher
-1
votes
0 answers

Stop crontab from filling syslog Ubuntu 15.04

How can I prevent (certain cronjobs) from filling my syslog in Ubuntu 15.04? I have some jobs that run 4 times a minute and quickly fill up my syslog files. I've tried adding: cron.* /var/log/cron to…
gijs007
-1
votes
1 answer

How to forward a specific log file in a syslog config?

I just want to ask how I can log, for example, /var/log/test/test.log to a remote syslog-ng? I'm using syslog, not rsyslog. I can do it in rsyslog but not in syslog.
Sympatiko
-1
votes
2 answers

Source of syslog bind query denied message

What is the cause, and how can I stop this request on example.com from my ip (xxx.xxx.xxx.xxx) being continually repeated in /var/log/syslog? Apr 14 20:37:10 example.com named[1663]: client xxx.xxx.xxx.xxx#35295: query (cache) 'google.com/TXT/IN'…
Ole Juul
-1
votes
1 answer

File monitoring using syslog

Can rsyslog, syslog-ng programs monitor change of file? I want to monitor files and receive the changes made to the file by syslog on server. Thank you.
mau5
-1
votes
1 answer

Determine timezone in Rsyslog file

I would like to determine what time zone a specific log is in. I found this line in the log: Aug 29 07:07:40 gw kernel: rtc_cmos rtc_cmos: setting system clock to 2013-08-29 11:07:08 UTC(1377774428) Does this mean that at the time that triggered,…
linuxnoob
-1
votes
1 answer

Nginx Reverse Proxy Segfault on High Traffic

Recently my load balancer with Nginx rev proxy is showing the following error messages in /var/log/dmesg: [6278902.558300] nginx[15683]: segfault at ffffffffffffffff ip 0000000000457b99 sp 00007fffca4b8f20 error 4 in…
Ludwig
-1
votes
1 answer

Monitor syslog (RFC 5426) on Windows Server 2008

I have setup in a Windows Server 2008 a syslog server using NXLog http://nxlog-ce.sourceforge.net/. I've configured some routers in the network to send syslog messages (RFC 5426) to the server (UDP 514) and it's working great, saving all the…
Havok
-1
votes
2 answers

Can it be because of any kernel bugs? Specifically spin lock

We are running ubuntu 11.04 with 2.6.38-13-generic kernel on Intel(R) Xeon(R) CPU E5620 @ 2.40GHz with 48 GB RAM dedicated server with Hardware RAID. top command output is showing many kernel threads running on different cores. thread …
ananthan
-1
votes
1 answer

splunk syslogs Forwarder set up not working and paused data flow

I have set up the Universal Forwarder locally in my machine using this guide https://splunk.paloaltonetworks.com/universal-forwarder.html /opt/splunkforwarder/etc/system/local/inputs.conf [monitor:///var/log/udp514.log] sourcetype = pan:log disabled…
asasa178
-2
votes
1 answer

How to convert syslog to JSON in syslog server on FreeBSD 8.3 OS

I am using FreeBSD 8.3 and a syslog server is running on it. Now I have configured my syslog server to send logs to a remote server by simply adding these lines in the /etc/syslog.conf file: *.notice;kern.debug;lpr.info;mail.crit; …
user229957
-2
votes
1 answer

Forward Windows logs to Linux server

Possible Duplicate: Software to send windows notification eventlogs to linux syslog server and encode to utf8 Is it possible to forward logs from a Windows server to a Linux syslog server?
Rubi Naaz
-3
votes
1 answer

How to hack proof my syslog-ng server

I recently built an Ubuntu syslog-ng server that is behind a firewall. I have opened TCP ports 514, 515, and 516. I have noticed that hackers are writing to my syslog-ng server; they are from China. How do I hack proof my syslog server to only…
BioRod
-5
votes
2 answers

server hacked - cron continue to run

Someone accessed my EC2 Ubuntu 14.04 and installed some malicious cron to do port scanning with user eric. I removed user eric and the file executed, but in syslog I see Sep 19 15:27:01 ip-xxx CRON[9388]: Authentication failure Sep 14 08:45:01…
LucScu