Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by a facility (user, mail, kern, etc.) and a severity (critical, emergency, informational, etc.). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
5
votes
5 answers

reliable export of journalctl logs

I am searching for a way to reliably export journalctl logs. I could use the --since=... option, but this is a bit fuzzy. In my case a script would call journalctl --output=json every ten minutes. I don't want to miss a single line and (if possible) I…
guettli
5
votes
1 answer

nginx logs to syslog - connection refused

I'm trying to set up nginx 1.7.3 to send logs to syslog, but when I use this configuration: server { access_log syslog:server=localhost; } this shows up in nginx's error log: 2015/01/15 21:42:47 [error] 16776#0: send() failed (111: Connection…
Jan Langer
5
votes
2 answers

How does one manually rotate log without logrotate on open/live file?

My Google-Fu is getting me so close but just not quite there, and I guess I'm too green in Linux to put the pieces together. I have a very large >200GB log file, still being written to. Logrotate won't get to it in time before disk space could be a…
Ceafin
5
votes
1 answer

UDP Traffic from outside to docker container is dropped after container restart

Following situation: I have a hardware box with Ubuntu 14.04LTS as host for docker 1.4. I'm running an ELK stack in several containers. Currently the logstash container is exposing only port 514 to collect syslog input. In some situations, after…
5
votes
1 answer

Random SSH entries in Auth.log out of date order

Running an Ubuntu Trusty 14.04.1 LTS server at Rackspace but recently after running updates for bash, then with the reboots for the xen host vulnerability, I have the following weird issue. Some random auth.log entries are popping up out of date…
Ray A
5
votes
1 answer

Separating java stdout and stderr with systemd and without filling journal

I am running java apps via systemd: [Unit] Description=test service [Service] Type=simple EnvironmentFile=/etc/sysconfig/testserver WorkingDirectory=/opt/testserver ExecStart=/usr/bin/java -jar…
GioMac
5
votes
1 answer

Difference between /dev/udp and netcat

I have a syslog server listening on localhost:514 as UDP and would like to write messages to it on that port. (Using Ubuntu 14.04) If I run either of these commands from bash it prints the date every 2 seconds to syslog # Using netcat while true;…
user779159
5
votes
2 answers

Cannot find upstart logs in syslog despite a log-priority of debug (ubuntu 13.04 & mint 16)

I've set upstart log level to "debug" sudo initctl log-priority debug But I still cannot see anything in /var/log/syslog. sudo initctl emit hello # no log sudo initctl start my-broken-service # still no log I've checked rsyslog config (in…
Bruno Bieth
5
votes
0 answers

How do you use patterndb variables in syslog-ng?

I'd like to parse some custom (network appliance) syslog files to create my own formatted output. As I am new to syslog-ng & patterndb I have been trying to build an example using the documentation - my work so far is here:…
Nick
5
votes
2 answers

How can you filter mail.info from syslog?

How do I filter mail.info from /var/log/syslog (rsyslog.conf/Debian) while keeping messages greater than or equal to mail.warn? I've tried just about every different variation of appending and prepending different combinations of mail, mail.info,…
Jeff
5
votes
2 answers

What is this in my syslog and should I be concerned?

I'm seeing a lot of the following line in /var/log/syslog: Jun 21 14:36:15 my-server kernel: [416219.080061] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:the-mac-address:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128…
orokusaki
5
votes
4 answers

Wildcard support for InputFileName in rsyslog?

We have log files with names that match a certain pattern but frequently change. Is there a way to specify a wildcard or pattern for rsyslog to include via InputFileName? Example: InputFileName: /path/to/logs/*_error.log Using the above example…
Dan
5
votes
1 answer

Reduce munin logging level

Munin is quite verbose, and logs a bunch of things into munin-graph.log, munin-html.log, munin-limits.log and munin-update.log at each run of munin-cron. I already reduced munin-node logging level by setting log_level 0 in munin-node.conf, and that…
petrus
5
votes
1 answer

Syslog produces hundreds of lines

I have recently been "promoted" to lab admin, as I have the most experience with linux. My logcheck keeps sending me emails with hundreds of lines stemming from my syslog file. It repeats itself over, with minor changes each time. I have no idea…
Markus
5
votes
1 answer

Best Practices for rotating syslog logs on RHEL with different schedules?

OS: Running RHEL 5.6. Situation: I need to rotate /var/log/messages on a different schedule than the rest of the syslog logs. By default syslog logs are rotated weekly based on the /etc/logrotate.conf and /etc/logrotate.d/syslog configuration…
Joshua