Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. Messages are further categorized by a facility (user, mail, kern, etc.) and a severity (critical, emergency, informational, etc.). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long-term analysis could be done on informational messages to properly maintain systems.

660 questions
5
votes
2 answers

rsyslog: How do I direct messages from all remote machines to one file?

We have a syslog server and we have all our servers logging to it. We want a sort of "catch-all" drip pan rule for all remote messages that we have not configured a rule for. Anyone know how to accomplish this?
Belmin Fernandez
5
votes
1 answer

How to maintain the log source host using logstash

I am following the steps in this blog to set up rsyslog + logstash + graylog2 and I can't figure out how to replace the @source_host attribute in logstash using the mutate -> replace filter. In the example the author replaces his @source_host with a…
Ray Rodriguez
5
votes
3 answers

Chained Syslog forwarding

Is there a way to chain syslog forwarding? For example, how can a clienthost forward its syslogs to ServerA and ServerA forward everything to CentralSyslogServer? I'm using rsyslog. The reason is that Server A is a dual homed machine which gets…
garg
5
votes
3 answers

Software to send windows notification eventlogs to linux syslog server and encode to utf8

I am trying to set up a Windows 2008 server so it's able to send the eventlog messages to a syslog-ng server running Linux. I'd prefer something native but I guess it won't be possible. UPDATE: The first answer recommended to use snare, so far it's…
aseques
5
votes
5 answers

Script to delete files older than 30 days

Shell script should not delete any files under root dir. My path will be like /export/home/ftp/ ... I did some research and figured out the way for finding and deleting the files older than 30 days from a specific path, using find and exec…
Jayakrishnan T
5
votes
3 answers

Where is syslog.conf file on ubuntu 10

I want to LOG my dropped packets in firewall. The tutorial told me to write some lines in /etc/syslog.conf. I have searched but could not find anything named syslog.conf. There was the file called rsyslog.conf. Are both the same?
John
5
votes
2 answers

How can I ship Windows Server 2008 event logs to a syslog server?

In the past with Windows Server 2003 I was able to ship the event logs to a central network syslog server using evtsys (https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys). It does not mention support for Server 2008 but does mention…
TrueDuality
5
votes
2 answers

Ubuntu syslog does not show previous days' logs

My cron job is not running and I want to see what the problem is in the syslog. But that log is only showing the current date. Is there any way to keep logs for the last 10 days?
John
5
votes
5 answers

Forwarding Windows log event using TCP

I'm looking for a way to safely centralize all my Windows and Linux logs on one location. Since I'm in a mixed environment, with both Linux and Windows, I started using Syslog-ng on the Linux boxes and Snare on the Windows ones, all pointing to a…
Nicolas Charles
5
votes
3 answers

Where are dhcpd's syslog message formats documented?

I am looking at a bunch of syslog messages written by dhcpd. I want to write a quick parser that can deconstruct the message into its component parts, but I don't know what the various parts mean. I assume this is documented somewhere, but my simple…
Chas. Owens
4
votes
3 answers

Centralizing PHP error logging with syslog

I have a PHP application that is running on 20 web servers. It's silly to check every server's PHP error log. I'm planning to centralize the error logging on one (not a web server, a server just used for monitoring). PHP does support logging to…
Ammar
4
votes
1 answer

How can I query rsyslog settings?

I am using rsyslog for program logging and system logging so I have unified log files. I'm having some messages dropping out and I'm not sure why, but I think it may be a configuration option set incorrectly or left at a default value I need to…
Brian
4
votes
2 answers

Postfix - searching emails (logstash, greylog or other solution)

We are currently having ~100 servers and all of them are using remote syslog, so we have aggregated all logs on one server. The most questioned problem from our support team is: Has an email from .... to ... been delivered? I'd like to give to our…
Yarik Dot
4
votes
2 answers

Properly Configured Rsyslog on CentOS

I'm trying to configure Rsyslog 5.8.10 on CentOS 6.4 to send Apache's error and access logs to a remote server. It's working, but I have a couple questions. UPDATE: A, B and C are the only ones pending an answer. A) I would like to use as few queues…
Gaia
4
votes
1 answer

Error setting capabilities, capability management disabled;

root@monitor:/opt/observium# service syslog-ng restart Stopping system logging: syslog-ng. Starting system logging: syslog-ngsyslog-ng: Error setting capabilities, capability management disabled; error='Operation not…
Tiffany Walker