Search Results

Search found 764 results on 31 pages for 'syslog'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/31 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Python - retrieving info from a syslog file

    - by Johnny
    Ive been asked to do a program using python for an assignment. Ive been given a syslog file and I have to find things out about it How do I find out how many attempts were made to login to the root account? Any advice would be highly appreciated as Im very new to python an completely lost!

    Read the article

  • CentOS centralised logging, syslogd, rsyslog, syslog-ng, logstash sender?

    - by benbradley
    I'm trying to figure out the best way to setup a central place to store and interrogate server logs. syslog, Apache, MySQL etc. I've found a few different options but I'm not sure what would be best. I'm looking for something that is easy to install and keep updated on many virtual machines. I can add it to a VM template going forward but I'd also like it to be easy to install to keep the VM complexity down. The options I've found so far are: syslogd syslog-ng rsyslog syslogd/syslog-ng/rsyslog to logstash/ElasticSearch logstash agent in each log "client" to send to Redis/logstash/ElasticSearch And all sorts of permutations of the above. What's the most resilient and light from the log "client" perspective? I'd like to avoid the situation where log "clients" hang because they are unable to send their logs to the logging server. Also I would still like to keep local logging and the rotation/retention provided by logrotate in place. Any ideas/suggestions or reasons for or against any of the above? Or suggestions of a different structure entirely? Cheers, B

    Read the article

  • Cablemodem (SBG6580) firewall denying some outbound traffic? Why? Not configured [migrated]

    - by lairdb
    I finally got around to turning the syslog on for my cablemodem (Motorola Surfboard SBG6580) and I'm seeing about the expected amount of inbound attackage being blocked... 2014-05-30 21:59:02 Local0.Alert 192.168.111.1 May 31 04:58:56 2014 SYSLOG[0]: [Host 192.168.111.1] UDP 12.230.209.198,4500 --> 66.27.xx.xx,61459 DENY:Firewall interface [IP Fragmented Packet] attack 2014-05-30 21:59:02 Local0.Alert 192.168.111.1 May 31 04:58:56 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 17.172.232.109,5223 --> 66.27.xx.xx,53814 DENY:Firewall interface access request 2014-05-30 21:59:02 Local0.Alert 192.168.111.1 May 31 04:58:57 2014 SYSLOG[0]: [Host 192.168.111.1] UDP 12.230.209.198,443 --> 66.27.xx.xx,53385 DENY: Firewall interface [IP Fragmented Packet] attack 2014-05-30 21:59:02 Local0.Alert 192.168.111.1 May 31 04:58:57 2014 SYSLOG[0]: [Host 192.168.111.1] UDP 12.230.209.198,4500 --> 66.27.xx.xx,61459 DENY:Firewall interface [IP Fragmented Packet] attack 2014-05-30 21:59:10 Local0.Alert 192.168.111.1 May 31 04:59:04 2014 SYSLOG[0]: [Host 192.168.111.1] UDP 12.230.209.198,443 --> 66.27.xx.xx,59960 DENY: Firewall interface [IP Fragmented Packet] attack 2014-05-30 21:59:10 Local0.Alert 192.168.111.1 May 31 04:59:04 2014 SYSLOG[0]: [Host 192.168.111.1] UDP 12.230.209.198,4500 --> 66.27.xx.xx,61459 DENY:Firewall interface [IP Fragmented Packet] attack ...and that's great. (Sad, but great.) But I'm also seeing a HUGE amount of what appears to be denied outbound connectivity: 2014-05-30 16:30:10 Local0.Alert 192.168.111.1 May 30 23:30:04 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 192.168.111.100,58969 --> 38.81.66.127,443 DENY: Inbound or outbound access request 2014-05-30 16:30:10 Local0.Alert 192.168.111.1 May 30 23:30:04 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 192.168.111.100,58969 --> 38.81.66.127,443 DENY: Inbound or outbound access request 2014-05-30 16:30:10 Local0.Alert 192.168.111.1 May 30 23:30:04 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 192.168.111.100,58965 --> 162.222.41.13,443 DENY: Inbound or outbound access request 2014-05-30 16:30:10 Local0.Alert 192.168.111.1 May 30 23:30:04 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 192.168.111.100,58965 --> 162.222.41.13,443 DENY: Inbound or outbound access request 2014-05-30 16:30:10 Local0.Alert 192.168.111.1 May 30 23:30:04 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 192.168.111.100,58964 --> 38.81.66.179,443 DENY: Inbound or outbound access request 2014-05-30 16:30:10 Local0.Alert 192.168.111.1 May 30 23:30:04 2014 SYSLOG[0]: [Host 192.168.111.1] TCP 192.168.111.100,58964 --> 38.81.66.179,443 DENY: Inbound or outbound access request ...and Spot checking suggests that it's all legitimate traffic (Opening connections to CrashPlan, etc.), I have no restrictions configured in the modem; I don't see why it should be blocking anything. Am I misreading the log entry, and it's not actually being denied? (Seems unlikely.) Is the ISP (TWC) pushing deny tables that are not exposed in the UI? (Tinfoil hat too tight.) I'm confused. (The good news, such as it is, is that AFAIK I'm not experiencing any actual issues... but maybe I am; tough to tell.) Thanks.

    Read the article

  • syslog not showing log levels in messages

    - by user837208
    Here is sample output of my syslog messages in /var/log/syslog : Nov 15 20:20:48 ubuntu winbindd[915]: [2011/11/15 20:20:48.940063, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Nov 15 20:20:48 ubuntu winbindd[915]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration How do I see what was the level of message? like info, warn, error etc? I am using Ubuntu 10.04 LTS with rsyslog package version 5.8.1-1ubuntu2

    Read the article

  • Cisco login on-failure using syslog doesn't show username on failure?

    - by Jim
    interesting issue I am running into. I am trying to get syslog rmeote logging working with a Cisco switch. i have it working and logging for both on-success and on-failure. However when it is a failed login attempt it does not show the user name that tried to log in in the logs? Here is what the log looks like after a failed login: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ] [Source: 10.0. 0.6] [localport: 23] [Reason: Login Authentication Failed] Here is what I ahve in the sh run: login block-for 60 attempts 3 within 60 login delay 1 login on-failure log login on-success log archive log config logging enable notify syslog contenttype plaintext logging trap notifications logging facility local4 logging 10.0.0.8 aaa new-model aaa authentication login default local group tacacs+ aaa authorization config-commands aaa authorization exec default local group tacacs+

    Read the article

  • How do I disable nginx sending messages to syslog?

    - by altman
    My nginx sends lots of messages to syslog, but I don't need them. In my nginx.conf: error_log /var/log/nginx-error.log notice; ...... server { access_log off; location / { .... } } but, in my /var/log/message you see Nov 22 23:25:09 cache3 nginx: 2011/11/22 23:25:09 [error] 3437#0: *32172530 kevent() reported about an closed connection (60: Operation timed out) while reading response header from upstream, client: , server: , request: "GET http://www.igoido012.com//vk HTTP/1.1", upstream: "http:////vk", host: "www.igoido012.com", referrer: "http://www.baidu.com/" Nov 22 23:25:09 cache3 nginx: 2011/11/22 23:25:09 [error] 3437#0: *32099531 upstream timed out (60: Operation timed out) while reading response header from upstream, client: , server: , request: "GET http://t.web2.qq.com/channel/poll?msg_id=0&clientid=431509&t=1321975433305 HTTP/1.1", upstream: "http://:80/channel/poll?msg_id=0&clientid=431509&t=1321975433305", host: "t.web2.qq.com", referrer: "http://t.web2.qq.com/proxy.html?v=20110331001" How can I prevent nginx sending messages to my syslog?

    Read the article

  • How do I setup a syslog server for my network?

    - by Solignis
    I would like to setup a syslog server to forward all log file from all of my VMs and servers. I really don't much about what is out there. So I turn to the community, Something on Linux is fine, what I want more is alert ability like emails telling me something is not right. If there was something to sort the logs by source that would be cool. Where would I want run the syslog server from? My admin WS or a server/VM? Any input would be wonderful. Thanks in advance.

    Read the article

  • Filter syslog in php functions, then display contents in JS div?

    - by qx3rt
    Let's revise this question with a new approach...I have three files: logtail.php, ajax.js and index.php. My goal is to create a syslog viewer (Linux). On index.php I made a div where I want to display only the filtered contents of the syslog. I must filter the contents in logtail.php. I have to use a shell_exec and | grep the contents with multiple different regexes. Right now I | grep the entire syslog file and it displays live in the log viewer, but my filters are not working as planned. I need help figuring out how to use $_GET to grab only the contents from the syslog that the user wants to see. I have a text field and submit button prepared for that in my index.php file. Should I use functions (tried this already)? Or is there a better approach? Can you give me some examples? logtail.php //Executes a shell script to grab all file contents from syslog on the device //Explodes that content into an array by new line, sorts from most recent entry to oldest entry if (file_exists($filename = '/var/log/syslog')) { $syslogContent = shell_exec("cat $filename | grep -e '.*' $filename"); $contentArray = explode("\n", $syslogContent); rsort($contentArray); print_r($contentArray); } ajax.js (working properly) function createRequest() { var request = null; try { request = new XMLHttpRequest(); } catch (trymicrosoft) { try { request = new ActiveXObject("Msxml2.XMLHTTP"); } catch (othermicrosoft) { try { request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (failed) { request = null; } } } if (request == null) { return alert("Error creating request object!"); } else { return request; } } var request = createRequest(); function getLog(timer) { var url = 'logtail.php'; request.open("GET", url, true); request.onreadystatechange = updatePage; request.send(null); startTail(timer); } function startTail(timer) { if (timer == "stop") { stopTail(); } else { t = setTimeout("getLog()",1000); } } function stopTail() { clearTimeout(t); var pause = "The log viewer has been paused. To begin viewing again, click the Start Log button.\n"; logDiv = document.getElementById("log"); var newNode = document.createTextNode(pause); logDiv.replaceChild(newNode,logDiv.childNodes[0]); } function updatePage() { if (request.readyState == 4) { if (request.status == 200) { var currentLogValue = request.responseText.split("\n"); eval(currentLogValue); logDiv = document.getElementById("log"); var logLine = ' '; for (i = 0; i < currentLogValue.length - 1; i++) { logLine += currentLogValue[i] + "<br/>\n"; } logDiv.innerHTML = logLine; } else alert("Error! Request status is " + request.status); } } index.php <script type="text/javascript" src="scripts/ajax.js"></script> <button style="margin-left:25px;" onclick="getLog('start');">Start Log</button> <button onclick="stopTail();">Stop Log</button> <form action="" method="get"> //This is where the filter options would be Date & Time (ex. Nov 03 07:24:57): <input type="text" name="dateTime" /> <input type="submit" value="submit" /> </form> <br> <div id="log" style="..."> //This is where the log contents are displayed </div>

    Read the article

  • Invalid Parameter on node puppet

    - by chandank
    I am getting an error of err: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid parameter port at /etc/puppet/manifests/nodes/node.pp:652 on node test-puppet My puppet class: (The Line 652 at node.pp) node 'test-puppet' { class { 'syslog_ng': host => "newhost", ip => "192.168.1.10", port => "1999", logfile => "/var/log/test.log", } } On the module side class syslog_ng::config ( $host , $ip , $port, $logfile){ file {'/etc/syslog-ng/syslog-ng.conf': ensure => present, owner => 'root', group => 'root', content => template('syslog-ng/syslog-ng.conf.erb'), notify => Service['syslog-ng'], require => Class['syslog_ng::install'], } file {"/etc/syslog-ng/conf/${host}.conf": ensure => present, owner => 'root', group => 'root', notify => Service['syslog-ng'], content => template("syslog-ng/${host}.conf.erb"), require => Class['syslog_ng::install'], } } I think I am doing it as per the puppet documentation.

    Read the article

  • Can snort output an alert for a portscan (sfPortscan) to syslog?

    - by Jamie McNaught
    I've been working on this for too long now. I'm sure the answer should be obvious, but... Snort manual: http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf lists two logging outputs on pg 39 (pg 40 according to Acrobat Reader) as: "Unified Output" and "Log File Output" which I am guessing the former refers to the "unified" output mode... which makes me think the answer is "No, snort cannot output alerts for detected portscans to syslog." Config file I've been using is: alert tcp any 80 -> any any (msg:"TestTestTest"; content: "testtesttest"; sid:123) preprocessor sfportscan: proto { all } \ memcap { 10000000 } \ scan_type { all } \ sense_level { high } \ logfile { pscan.log } (yes, very basic I know). A simple nmap triggers output to the pscan.log Can anyone confirm this? Or point out how I do this?

    Read the article

  • Logstash shipper & server on the samebox

    - by keftes
    I'm trying to setup a central logstash configuration. However I would like to be sending my logs through syslog-ng and not third party shippers. This means that my logstash server is accepting via syslog-ng all the logs from the agents. I then need to install a logstash process that will be reading from /var/log/syslog-clients/* and grabbing all the log files that are sent to the central log server. These logs will then be sent to redis on the same VM. In theory I need to also configure a second logstash process that will read from redis and start indexing the logs and send them to elasticsearch. My question: Do I have to use two different logstash processes (shipper & server) even if I am in the same box (I want one log server instance)? Is there any way to just have one logstash configuration and have the process read from syslog-ng --- write to redis and also read from redis --- output to elastic search ? Diagram of my setup: [client]-------syslog-ng--- [log server] ---syslog-ng <----logstash-shipper --- redis <----logstash-server ---- elastic-search <--- kibana

    Read the article

  • XCP Project Kronos syslog error: "irq ... : nobody cared" on Dom0 host

    - by Vlad Fedin
    One of our production clusters driven by XCP suddenly went uresponsive. After restart and some investigation we found such logs in dom0 machine syslog: Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659040] irq 339: nobody cared (try booting with the "irqpoll" option) Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659058] Pid: 0, comm: swapper/3 Tainted: G C O 3.2.0-24-generic #37-Ubuntu Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659060] Call Trace: Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659062] <IRQ> [<ffffffff810db37d>] __report_bad_irq+0x3d/0xe0 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659071] [<ffffffff810db605>] note_interrupt+0x135/0x190 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659074] [<ffffffff810d8e69>] handle_irq_event_percpu+0xa9/0x220 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659078] [<ffffffff8130ff3b>] ? radix_tree_lookup+0xb/0x10 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659081] [<ffffffff810d9031>] handle_irq_event+0x51/0x80 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659084] [<ffffffff810dc187>] handle_edge_irq+0x87/0x140 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659089] [<ffffffff813a8829>] __xen_evtchn_do_upcall+0x199/0x250 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659092] [<ffffffff813aa96f>] xen_evtchn_do_upcall+0x2f/0x50 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659096] [<ffffffff81666d3e>] xen_do_hypervisor_callback+0x1e/0x30 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659097] <EOI> [<ffffffff810013aa>] ? hypercall_page+0x3aa/0x1000 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659104] [<ffffffff810013aa>] ? hypercall_page+0x3aa/0x1000 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659107] [<ffffffff8100a1d0>] ? xen_safe_halt+0x10/0x20 Oct 26 20:32:03 hetzner-2-mrx kernel: [1797931.659110] [<fff IRQ 339 in cat /proc/interrupts: 339: ... xen-pirq-msi-x eth0 where eth0 is hardware NIC. While host machine seems to hang, guest machines continue to work, so our tiny internal monitoring on one of the virtual hosts logged something like that: [2012-10-26 20:31:51] [OK......] 200 OK : 113159149 ns [2012-10-26 20:32:40] [DISASTER] 500 Can't connect to [hostname]:80 (No route to host) : 47763284432 ns ... [2012-10-26 20:34:40] [DISASTER] 500 Can't connect to [hostname]:80 (No route to host) : 46894835070 ns [2012-10-26 20:34:57] [DISASTER] 500 Can't connect to [hostname]:80 (Bad hostname) : 16821741955 ns ... [2012-10-26 20:38:18] [DISASTER] 500 Can't connect to [hostname]:80 (Bad hostname) : 20103298289 ns [2012-10-26 20:38:37] [DISASTER] 500 Can't connect to [hostname]:80 (Bad hostname) : 17895754943 ns Host and guest OS: Ubuntu 12.04 LTS, 05:00.0 Ethernet controller: Intel Corporation 82574L Gigabit Network Connection Subsystem: ASUSTeK Computer Inc. Device 8369 Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx+ Latency: 0, Cache Line Size: 64 bytes Interrupt: pin A routed to IRQ 17 Region 0: Memory at fe500000 (32-bit, non-prefetchable) [size=128K] Region 2: I/O ports at e000 [size=32] Region 3: Memory at fe520000 (32-bit, non-prefetchable) [size=16K] Capabilities: <access denied> Kernel driver in use: e1000e Kernel modules: e1000e Any hints how to debug this?

    Read the article

  • Filtering bad requests from Apache -> logger -> rsyslog to syslog-ng on a remote logging server possible?

    - by zeyus
    EDIT: Thanks for the help Here is a quick idea of the setup: webserver X In apache httpd.conf: LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vcombined CustomLog "|/usr/bin/logger -p local6.info -t access " vcombined In rsyslog.conf: *.* @logserver Logserver syslog-ng.conf: ... parser p_apache {csv-parser(columns( "APACHE.VIRTUAL_HOST", "APACHE.CLIENT_IP", "APACHE.IDENT_NAME", "APACHE.USER_NAME", "APACHE.TIMESTAMP", "APACHE.REQUEST_URL", "APACHE.REQUEST_STATUS", "APACHE.CONTENT_LENGTH", "APACHE.REFERER", "APACHE.USER_AGENT", "APACHE.PROCESS_TIME", "APACHE.SERVER_NAME") # flags: # escape-none,escape-backslash,escape-double-char, # strip-whitespace flags(escape-double-char,strip-whitespace) delimiters(" ") quote-pairs('""[]') );}; ... source s_net { udp(ip(0.0.0.0) port(514) so_rcvbuf(1048576)); }; destination hosts_acc { file("/var/log/hosts/$HOST/${APACHE.VIRTUAL_HOST}_acc.log"); }; filter f_apacheacc { facility(local6); }; log { source(s_net); parser(p_apache); filter(f_apacheacc); destination(hosts_acc); }; ... The log's get there just fine, but there are a LOT of logs like the following: -rw------- 1 root root 5726 Apr 6 01:02 xc3\x9d\xc3\x9ed$yA;_acc.log -rw------- 1 root root 23435 Apr 6 01:06 \xc3\x9ed$yA;_acc.log -rw------- 1 root root 745 Apr 6 00:57 xc3\x9ed$yA;_acc.log -rw------- 1 root root 8440 Apr 5 22:50 \xc3\xaf_F\xc3\x95$yA;_acc.log -rw------- 1 root root 3112 Apr 6 00:58 xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA;_acc.log -rw------- 1 root root 4220 Apr 5 22:03 xe2\x80\x98\twd\xc2\xa2\xc2\xb0\xc3\x96$yA;_acc.log -rw------- 1 root root 1055 Apr 5 22:03 xe2\x80\x98\xc2\x9dw\xc3\x94\xc3\xb4T\xc5\x93$yA;_acc.log -rw------- 1 root root 1821 Apr 6 00:58 \xe2\x80\x98\xc3\x9d\xc3\x9ed$yA;_acc.log -rw------- 1 root root 2875 Apr 6 01:02 xe2\x80\x98\xc3\x9d\xc3\x9ed$yA;_acc.log -rw------- 1 root root 3165 Apr 5 22:48 \xe2\x80\x99-w\xc3\xaf_F\xc3\x95$yA;_acc.log -rw------- 1 root root 3165 Apr 5 22:40 \xe2\x80\x99\xe2\x80\x9aw\xe2\x82\xac\xc2\xbd\xe2\x80\x9d($yA;_acc.log -rw------- 1 root root 15825 Apr 5 22:50 xe2\x80\x99\xe2\x80\x9aw\xe2\x82\xac\xc2\xbd\xe2\x80\x9d($yA;_acc.log -rw------- 1 root root 1055 Apr 5 22:39 \xe2\x80\x9aw\xe2\x82\xac\xc2\xbd\xe2\x80\x9d($yA;_acc.log -rw------- 1 root root 2110 Apr 5 22:50 xe2\x80\x9aw\xe2\x82\xac\xc2\xbd\xe2\x80\x9d($yA;_acc.log -rw------- 1 root root 2034 Apr 5 22:50 \xe2\x80\x9d($yA;_acc.log -rw------- 1 root root 4066 Apr 5 22:45 xe2\x80\x9d($yA;_acc.log -rw------- 1 root root 7212 Apr 6 13:30 \xe2\x80\xb9>$yA;_acc.log -rw------- 1 root root 3000 Apr 6 13:25 xe2\x80\xb9>$yA;_acc.log My question is where, and how can I filter these out, I don't want them on the filesystem (But actually I guess it wouldn't be a bad idea to keep them logged, but in their correct VHost file) Here is an example VHost <VirtualHost *:80> ServerAdmin [email protected] ServerName xxx.xx DocumentRoot /var/www/vhosts/xxx <Directory /var/www/vhosts/xxx> AllowOverride All Options All RewriteEngine on </Directory> </VirtualHost> And the default "catch-all" vhost at the bottom of the vhosts config file: <VirtualHost *:80> ServerName default ServerAlias * ServerAlias catchall.xxx.xx DocumentRoot /var/www/vhosts/nodomain <Directory "/var/www/vhosts/nodomain"> Options Indexes FollowSymLinks AllowOverride none Allow from All </Directory> CustomLog /dev/null combined ErrorLog /dev/null </VirtualHost> I had posted this in a related question but It's better in it's own question. Here are some examples from inside the log files r_acc.log: Apr 7 11:16:27 xxxxx access: r PC 5.0; eSobiSubscriber 2.0.4.16; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)" Apr 7 11:16:28 xxxxx access: r PC 5.0; eSobiSubscriber 2.0.4.16; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)" ######################## D46-28E2-0FBC95-78798EV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA;_acc.log: Apr 7 14:54:06 xxxxx access: D46-28E2-0FBC95-78798EV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; B557000E-F20D-35DD-021A-9824EC-17A4AFV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; 3BD03D7B-EEFD-83FF-7599-B751AD-6F0A2EV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; 9CAE0724-D455-0B31-3378-871C11-BBD0A4V\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; C1E24799-3979-2452-81-3BAA0FFD361F5A; 0E701CBC-5832-5AB6-D5-CFBF9BDE863EAA; 464714B1-B3E2-774A-A4-FEA612A46CEE06; 74C817B0-D081-D2CC-6D-C4EF0F1B4F49BB; 1338B1DE-67CD-977C-B35D-1F2C4441DD6A; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C; BRI/2)" ######################## V\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA;_acc.log: Apr 7 14:55:04 xxxxx access: V\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; FEEACE4F-092A-1D46-28E2-0FBC95-78798EV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; B557000E-F20D-35DD-021A-9824EC-17A4AFV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; 3BD03D7B-EEFD-83FF-7599-B751AD-6F0A2EV\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; 9CAE0724-D455-0B31-3378-871C11-BBD0A4V\xe2\x80\x94w\xe2\x80\x98\xc3\x9d\xc3\x9ed$yA; C1E24799-3979-2452-81-3BAA0FFD361F5A; 0E701CBC-5832-5AB6-D5-CFBF9BDE863EAA; 464714B1-B3E2-774A-A4-FEA612A46CEE06; 74C817B0-D081-D2CC-6D-C4EF0F1B4F49BB; 1338B1DE-67CD-977C-B35D-1F2C4441DD6A; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C; BRI/2)" ################### xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA;_acc.log: Apr 7 19:48:39 xxxxx access: xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; 3C12D25C-9D40-91CF-1F40-AC-B1A083426DV-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; D4713FA8-0142-A0C2-4812-BA-E03221005BV-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; 199BAF2A-ECD5-39FA-65C3-E8-B107FAFF08V-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; 384BDA70-9954-7744-05A0-C4-C7D9FEA685V-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; EE7292A9-333C-AF70-5A7F-55-CAA7D0BA39V-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; -AD7D48FA3A55-2A33-D10B-B4B66276D8B8; -166A9C6A2E71-24DF-A192-C8258AA4DE14; -00077C6C84E0-A302-4954-3D6D17C54D31; 3F56C318-EC3C-432B-680F-7E4BB2B852C4; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.21022; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)" Apr 7 19:48:39 xxxxx access: xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; 3C12D25C-9D40-91CF-1F40-AC-B1A083426DV-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; D4713FA8-0142-A0C2-4812-BA-E03221005BV-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; 199BAF2A-ECD5-39FA-65C3-E8-B107FAFF08V-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; 384BDA70-9954-7744-05A0-C4-C7D9FEA685V-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; EE7292A9-333C-AF70-5A7F-55-CAA7D0BA39V-w\xc2\x90\xc3\x91\xc3\x94\xc2\xab$yA; -AD7D48FA3A55-2A33-D10B-B4B66276D8B8; -166A9C6A2E71-24DF-A192-C8258AA4DE14; -00077C6C84E0-A302-4954-3D6D17C54D31; 3F56C318-EC3C-432B-680F-7E4BB2B852C4; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.21022; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)" Thanks

    Read the article

  • Getting a UDP socket program in Python to accept messages from a Syslog client?

    - by Elvar
    I'm trying to write a Syslog listener and so far so good on getting it to accept incoming messages through TCP but I also want UDP to function. This is the UDP server code I'm using, which works using a python client app. I also have another app which also works just using the python client app. # Server program # UDP VERSION from socket import * # Set the socket parameters host = "localhost" port = 514 buf = 1024 addr = (host,port) # Create socket and bind to address UDPSock = socket(AF_INET,SOCK_DGRAM) UDPSock.bind(addr) # Receive messages while 1: data,addr = UDPSock.recvfrom(buf) if not data: print "Client has exited!" break else: print "\nReceived message '", data,"'" # Close socket UDPSock.close() Using this code I can send to the server and have it display the code. # Client program from socket import * # Set the socket parameters host = "localhost" port = 514 buf = 1024 addr = (host,port) # Create socket UDPSock = socket(AF_INET,SOCK_DGRAM) def_msg = "===Enter message to send to server==="; print "\n",def_msg # Send messages while (1): data = raw_input('>> ') if not data: break else: if(UDPSock.sendto(data,addr)): print "Sending message '",data,"'....." # Close socket UDPSock.close() I have tried the Kiwi Syslog Message Generator and Snare to send syslog messages to the UDP server and nothing comes up. Could someone help me understand?

    Read the article

  • syslog message format question

    - by razor
    is there a way with rsyslog or syslog-ng to allow tab delimited messages? I'm currently using rsyslog and the c syslog() function to generate syslog messages from within my app. The problem is that I use \t and they get translated into #011 when I view the logs. Ideally I'd like to have the other control chars translated except tab. is something like this possible?

    Read the article

  • How to keep haproxy log messages out of /var/log/syslog

    - by itsadok
    I set up haproxy logging via rsyslogd using the tips from this article, and everything seems to be working fine. The log files get the log messages. However, every log message from haproxy also shows up at /var/log/syslog. This means that once the server goes live, the syslog will be quite useless, as it will be run over with haproxy log messages. I would like to filter out those messages from /var/log/syslog. After going over the rsyslogd documentation, I tried to change the file /etc/rsyslog.d/50-default.conf thus: *.*;auth,authpriv.none;haproxy.none -/var/log/syslog I simply added the ;haproxy.nonepart. After restarting rsyslogd it stopped working completely until I reverted my changes. What am I doing wrong?

    Read the article

  • Trouble filtering using rsyslog as syslog server for router

    - by JPbuntu
    I am trying to configure rsyslog (Ubuntu 12.04 Server) to log events from my router. I found this link which got me most of the way there. I am able to get the events logged from the router, and since I don't them logged in syslog, I set up a filter in rsyslog.conf like this: :fromhost-ip, isequal, "192.168.2.1" /var/log/linksys.log & ~ This works, the only problem is now I am not getting any SSHD logs in auth.log. I am really stumped why this would be, SSHD is a local service. I tried using a different filter instead: :msg,contains, "RV042" /var/log/linksys.log & ~ since RV042 is the name of the router, but this doesn't log anything. Any ideas?

    Read the article

  • Nullmailer in /var/log/syslog

    - by Fluffy
    I'm getting a lot of messages like these: me@home:/etc/snmp$ tail /var/log/syslog Jun 12 17:52:15 home nullmailer[1238]: Starting delivery: protocol: smtp host: mail. file: 1339502401.24665 Jun 12 17:52:15 home nullmailer[7086]: smtp: Failed: Connect failed Jun 12 17:52:15 home nullmailer[1238]: Sending failed: Host not found Jun 12 17:52:15 home nullmailer[1238]: Starting delivery: protocol: smtp host: mail. file: 1339174804.27614 Jun 12 17:52:15 home nullmailer[7087]: smtp: Failed: Connect failed Jun 12 17:52:15 home nullmailer[1238]: Sending failed: Host not found Jun 12 17:52:15 home nullmailer[1238]: Starting delivery: protocol: smtp host: mail. file: 1339324201.21737 Jun 12 17:52:15 home nullmailer[7088]: smtp: Failed: Connect failed Jun 12 17:52:15 home nullmailer[1238]: Sending failed: Host not found Jun 12 17:52:15 home nullmailer[1238]: Delivery complete, 331 message(s) remain. The problem is, I don't recall sending anything. How do I find out which software is sending these messages? How do I read them?

    Read the article

  • Redirect network logs from syslog to another file

    - by w0rldart
    I keep logging way to much info (not needed, for now) in my syslog, and not daily or hourly... but instant. If I want to watch for something in my syslog I just can't because the network log keeps interfering. So, how can I redirect network logs to another file and/or stop logging it? Dec 10 17:01:33 user kernel: [ 8716.000587] MediaState is connected Dec 10 17:01:33 user kernel: [ 8716.000599] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:01:33 user kernel: [ 8716.000601] ==>rt_ioctl_giwfreq 11 Dec 10 17:01:33 user kernel: [ 8716.000612] rt28xx_get_wireless_stats ---> Dec 10 17:01:33 user kernel: [ 8716.000615] <--- rt28xx_get_wireless_stats Dec 10 17:01:39 user kernel: [ 8722.000714] MediaState is connected Dec 10 17:01:39 user kernel: [ 8722.000729] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:01:39 user kernel: [ 8722.000732] ==>rt_ioctl_giwfreq 11 Dec 10 17:01:39 user kernel: [ 8722.000747] rt28xx_get_wireless_stats ---> Dec 10 17:01:39 user kernel: [ 8722.000751] <--- rt28xx_get_wireless_stats Dec 10 17:01:44 user kernel: [ 8726.904025] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:01:45 user kernel: [ 8728.003138] MediaState is connected Dec 10 17:01:45 user kernel: [ 8728.003153] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:01:45 user kernel: [ 8728.003157] ==>rt_ioctl_giwfreq 11 Dec 10 17:01:45 user kernel: [ 8728.003171] rt28xx_get_wireless_stats ---> Dec 10 17:01:45 user kernel: [ 8728.003175] <--- rt28xx_get_wireless_stats Dec 10 17:01:51 user kernel: [ 8734.004066] MediaState is connected Dec 10 17:01:51 user kernel: [ 8734.004079] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:01:51 user kernel: [ 8734.004082] ==>rt_ioctl_giwfreq 11 Dec 10 17:01:51 user kernel: [ 8734.004096] rt28xx_get_wireless_stats ---> Dec 10 17:01:51 user kernel: [ 8734.004099] <--- rt28xx_get_wireless_stats Dec 10 17:01:57 user kernel: [ 8740.004108] MediaState is connected Dec 10 17:01:57 user kernel: [ 8740.004119] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:01:57 user kernel: [ 8740.004121] ==>rt_ioctl_giwfreq 11 Dec 10 17:01:57 user kernel: [ 8740.004132] rt28xx_get_wireless_stats ---> Dec 10 17:01:57 user kernel: [ 8740.004135] <--- rt28xx_get_wireless_stats Dec 10 17:01:57 user kernel: [ 8740.436021] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:03 user kernel: [ 8746.005280] MediaState is connected Dec 10 17:02:03 user kernel: [ 8746.005294] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:02:03 user kernel: [ 8746.005298] ==>rt_ioctl_giwfreq 11 Dec 10 17:02:03 user kernel: [ 8746.005312] rt28xx_get_wireless_stats ---> Dec 10 17:02:03 user kernel: [ 8746.005315] <--- rt28xx_get_wireless_stats Dec 10 17:02:09 user kernel: [ 8752.004790] MediaState is connected Dec 10 17:02:09 user kernel: [ 8752.004804] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:02:09 user kernel: [ 8752.004808] ==>rt_ioctl_giwfreq 11 Dec 10 17:02:09 user kernel: [ 8752.004821] rt28xx_get_wireless_stats ---> Dec 10 17:02:09 user kernel: [ 8752.004825] <--- rt28xx_get_wireless_stats Dec 10 17:02:15 user kernel: [ 8757.984031] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:15 user kernel: [ 8758.004078] MediaState is connected Dec 10 17:02:15 user kernel: [ 8758.004094] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:02:15 user kernel: [ 8758.004097] ==>rt_ioctl_giwfreq 11 Dec 10 17:02:15 user kernel: [ 8758.004112] rt28xx_get_wireless_stats ---> Dec 10 17:02:15 user kernel: [ 8758.004116] <--- rt28xx_get_wireless_stats Dec 10 17:02:16 user kernel: [ 8759.492017] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:19 user kernel: [ 8762.002179] SCANNING, suspend MSDU transmission ... Dec 10 17:02:19 user kernel: [ 8762.004291] MlmeScanReqAction -- Send PSM Data frame for off channel RM, SCAN_IN_PROGRESS=1! Dec 10 17:02:19 user kernel: [ 8762.025055] SYNC - BBP R4 to 20MHz.l Dec 10 17:02:19 user kernel: [ 8762.027249] RT35xx: SwitchChannel#1(RF=8, Pwr0=30, Pwr1=25, 2T), N=0xF1, K=0x02, R=0x02 Dec 10 17:02:19 user kernel: [ 8762.170206] RT35xx: SwitchChannel#2(RF=8, Pwr0=30, Pwr1=25, 2T), N=0xF1, K=0x07, R=0x02 Dec 10 17:02:19 user kernel: [ 8762.318211] RT35xx: SwitchChannel#3(RF=8, Pwr0=30, Pwr1=25, 2T), N=0xF2, K=0x02, R=0x02 Dec 10 17:02:19 user kernel: [ 8762.462269] RT35xx: SwitchChannel#4(RF=8, Pwr0=30, Pwr1=25, 2T), N=0xF2, K=0x07, R=0x02 Dec 10 17:02:19 user kernel: [ 8762.606229] RT35xx: SwitchChannel#5(RF=8, Pwr0=30, Pwr1=25, 2T), N=0xF3, K=0x02, R=0x02 Dec 10 17:02:19 user kernel: [ 8762.750202] RT35xx: SwitchChannel#6(RF=8, Pwr0=30, Pwr1=25, 2T), N=0xF3, K=0x07, R=0x02 Dec 10 17:02:20 user kernel: [ 8762.894217] RT35xx: SwitchChannel#7(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF4, K=0x02, R=0x02 Dec 10 17:02:20 user kernel: [ 8763.038202] RT35xx: SwitchChannel#11(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF6, K=0x02, R=0x02 Dec 10 17:02:20 user kernel: [ 8763.040194] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:20 user kernel: [ 8763.040199] BAR(1) : Tid (0) - 03a3:037e Dec 10 17:02:20 user kernel: [ 8763.040387] SYNC - End of SCAN, restore to channel 11, Total BSS[03] Dec 10 17:02:20 user kernel: [ 8763.040400] ScanNextChannel -- Send PSM Data frame Dec 10 17:02:20 user kernel: [ 8763.040402] bFastRoamingScan ~~~~~~~~~~~~~ Get back to send data ~~~~~~~~~~~~~ Dec 10 17:02:20 user kernel: [ 8763.040405] SCAN done, resume MSDU transmission ... Dec 10 17:02:20 user kernel: [ 8763.047022] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:20 user kernel: [ 8763.047026] BAR(1) : Tid (0) - 03a3:03a5 Dec 10 17:02:21 user kernel: [ 8763.898130] bImprovedScan ............. Resume for bImprovedScan, SCAN_PENDING .............. Dec 10 17:02:21 user kernel: [ 8763.898143] SCANNING, suspend MSDU transmission ... Dec 10 17:02:21 user kernel: [ 8763.900245] MlmeScanReqAction -- Send PSM Data frame for off channel RM, SCAN_IN_PROGRESS=1! Dec 10 17:02:21 user kernel: [ 8763.921144] SYNC - BBP R4 to 20MHz.l Dec 10 17:02:21 user kernel: [ 8763.923339] RT35xx: SwitchChannel#8(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF4, K=0x07, R=0x02 Dec 10 17:02:21 user kernel: [ 8763.996019] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:21 user kernel: [ 8764.066221] RT35xx: SwitchChannel#9(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF5, K=0x02, R=0x02 Dec 10 17:02:21 user kernel: [ 8764.210212] RT35xx: SwitchChannel#10(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF5, K=0x07, R=0x02 Dec 10 17:02:21 user kernel: [ 8764.215536] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.215542] BAR(1) : Tid (0) - 0457:0452 Dec 10 17:02:21 user kernel: [ 8764.244000] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.244004] BAR(1) : Tid (0) - 0459:0456 Dec 10 17:02:21 user kernel: [ 8764.253019] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.253023] BAR(1) : Tid (0) - 045c:0458 Dec 10 17:02:21 user kernel: [ 8764.256677] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.256681] BAR(1) : Tid (0) - 045c:045b Dec 10 17:02:21 user kernel: [ 8764.259785] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.259788] BAR(1) : Tid (0) - 045d:045b Dec 10 17:02:21 user kernel: [ 8764.280467] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.280471] BAR(1) : Tid (0) - 045f:045c Dec 10 17:02:21 user kernel: [ 8764.282189] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:21 user kernel: [ 8764.282192] BAR(1) : Tid (0) - 045f:045e Dec 10 17:02:21 user kernel: [ 8764.354204] RT35xx: SwitchChannel#11(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF6, K=0x02, R=0x02 Dec 10 17:02:21 user kernel: [ 8764.356408] ScanNextChannel():Send PWA NullData frame to notify the associated AP! Dec 10 17:02:21 user kernel: [ 8764.498202] RT35xx: SwitchChannel#12(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF6, K=0x07, R=0x02 Dec 10 17:02:21 user kernel: [ 8764.642210] RT35xx: SwitchChannel#13(RF=8, Pwr0=30, Pwr1=28, 2T), N=0xF7, K=0x02, R=0x02 Dec 10 17:02:22 user kernel: [ 8764.790229] RT35xx: SwitchChannel#14(RF=8, Pwr0=30, Pwr1=28, 2T), N=0xF8, K=0x04, R=0x02 Dec 10 17:02:22 user kernel: [ 8764.934238] RT35xx: SwitchChannel#11(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF6, K=0x02, R=0x02 Dec 10 17:02:22 user kernel: [ 8764.935243] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:22 user kernel: [ 8764.935249] BAR(1) : Tid (0) - 048e:0485 Dec 10 17:02:22 user kernel: [ 8764.936423] SYNC - End of SCAN, restore to channel 11, Total BSS[05] Dec 10 17:02:22 user kernel: [ 8764.936436] ScanNextChannel -- Send PSM Data frame Dec 10 17:02:22 user kernel: [ 8764.936440] SCAN done, resume MSDU transmission ... Dec 10 17:02:22 user kernel: [ 8764.940529] RT35xx: SwitchChannel#11(RF=8, Pwr0=29, Pwr1=26, 2T), N=0xF6, K=0x02, R=0x02 Dec 10 17:02:22 user kernel: [ 8764.942178] CntlEnqueueForRecv(): BAR-Wcid(1), Tid (0) Dec 10 17:02:22 user kernel: [ 8764.942182] BAR(1) : Tid (0) - 0493:048e Dec 10 17:02:22 user kernel: [ 8764.942715] CNTL - All roaming failed, restore to channel 11, Total BSS[05] Dec 10 17:02:22 user kernel: [ 8764.948016] MMCHK - No BEACON. restore R66 to the low bound(56) Dec 10 17:02:22 user kernel: [ 8764.948307] ===>rt_ioctl_giwscan. 5(5) BSS returned, data->length = 1111 Dec 10 17:02:23 user kernel: [ 8766.048073] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:23 user kernel: [ 8766.552034] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:27 user kernel: [ 8770.001180] MediaState is connected Dec 10 17:02:27 user kernel: [ 8770.001197] ==>rt_ioctl_giwmode(mode=2) Dec 10 17:02:27 user kernel: [ 8770.001201] ==>rt_ioctl_giwfreq 11 Dec 10 17:02:27 user kernel: [ 8770.001219] rt28xx_get_wireless_stats ---> Dec 10 17:02:27 user kernel: [ 8770.001223] <--- rt28xx_get_wireless_stats Dec 10 17:02:28 user kernel: [ 8771.564020] QuickDRS: TxTotalCnt <= 15, train back to original rate Dec 10 17:02:29 user kernel: [ 8772.064031] QuickDRS: TxTotalCnt <= 15, train back to original rate

    Read the article

  • How to make whoopsie more silent (log clutter with "online"messages)

    - by Rmano
    I know what whoopsie is from the answers to What is the 'whoopsie' process and how can I remove it? I do not want to stop error reporting, as I think that error reporting is the minimum a user should do to try to help Ubuntu. But since the upgrade to 13.10, whoopsie has grown up quite chatty. I have literally hundreds of messages like that in my logs: SYS: Nov 4 14:40:48 samsung-romano whoopsie[1156]: online SYS: Nov 4 14:41:56 whoopsie[1156]: last message repeated 4 times SYS: Nov 4 14:42:56 whoopsie[1156]: last message repeated 2 times SYS: Nov 4 14:43:56 whoopsie[1156]: last message repeated 2 times SYS: Nov 4 14:44:56 whoopsie[1156]: last message repeated 2 times % zgrep whoopsie /var/log/syslog*gz | wc -l 773 Is there a way to tell whoopsie to be less verbose? (the funny output format is from SLogger, a homemade program to check system log files I wrote ages ago, but this is basically the content of /var/log/syslog file).

    Read the article

  • "Supervising" syslog-ng in htop

    - by djechelon
    Hello, I was working at my server, when in htop I just noticed something unusual. The syslog-ng process was listed as follows supervising syslog-ng /sbin/syslog-ng I don't know what it means. I tried to do man supervising but found nothing. supervising command doesn't exist too. Googling, I found a page about launchtool, but I can't find neither it or its man page in my system. I'm curious What does that executable/command/whatever do? Why today did I read that line in htop? Thank you. PS: I was unsure about posting this to SU or SF: even if it's a server-related question, it covers general Linux.

    Read the article

  • Disk errors on tty and syslog/dmesg

    - by Shoaibi
    Recently I have started to get a lot of these errors: Jun 18 08:57:42 abacus kernel: [ 401.554292] ata5: SError: { HostInt 10B8B } Jun 18 08:57:42 abacus kernel: [ 401.559346] sr 4:0:0:0: CDB: Test Unit Ready: 00 00 00 00 00 00 Jun 18 08:57:42 abacus kernel: [ 401.560191] ata5.00: cmd a0/00:00:00:00:00/00:00:00:00:00/a0 tag 0 Jun 18 08:57:42 abacus kernel: [ 401.560231] res 51/20:03:00:00:00/00:00:00:00:00/a0 Emask 0x40 (internal error) Jun 18 08:57:42 abacus kernel: [ 401.575310] ata5.00: status: { DRDY ERR } Jun 18 08:57:42 abacus kernel: [ 401.579801] ata5: hard resetting link Jun 18 08:57:42 abacus kernel: [ 401.929320] ata5: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Jun 18 08:57:42 abacus kernel: [ 401.941936] ata5.00: configured for UDMA/100 Jun 18 08:57:42 abacus kernel: [ 401.969426] ata5: EH complete Jun 18 08:57:54 abacus kernel: [ 413.527699] ata5.00: exception Emask 0x40 SAct 0x0 SErr 0x80800 action 0x6 Jun 18 08:57:54 abacus kernel: [ 413.527779] ata5.00: irq_stat 0x40000001 Jun 18 08:57:54 abacus kernel: [ 413.527822] ata5: SError: { HostInt 10B8B } Jun 18 08:57:54 abacus kernel: [ 413.527901] sr 4:0:0:0: CDB: Test Unit Ready: 00 00 00 00 00 00 Jun 18 08:57:54 abacus kernel: [ 413.528103] ata5.00: cmd a0/00:00:00:00:00/00:00:00:00:00/a0 tag 0 Jun 18 08:57:54 abacus kernel: [ 413.528142] res 51/20:03:00:00:00/00:00:00:00:00/a0 Emask 0x40 (internal error) Jun 18 08:57:54 abacus kernel: [ 413.528184] ata5.00: status: { DRDY ERR } Jun 18 08:57:54 abacus kernel: [ 413.528303] ata5: hard resetting link Jun 18 08:57:54 abacus kernel: [ 413.875894] ata5: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Jun 18 08:57:54 abacus kernel: [ 413.888267] ata5.00: configured for UDMA/100 Jun 18 08:57:54 abacus kernel: [ 413.916365] ata5: EH complete Jun 18 08:57:56 abacus kernel: [ 415.537834] ata5.00: exception Emask 0x40 SAct 0x0 SErr 0x80800 action 0x6 Jun 18 08:57:56 abacus kernel: [ 415.545253] ata5.00: irq_stat 0x40000001 Jun 18 08:57:56 abacus kernel: [ 415.549788] ata5: SError: { HostInt 10B8B } Jun 18 08:57:56 abacus kernel: [ 415.554840] sr 4:0:0:0: CDB: Test Unit Ready: 00 00 00 00 00 00 Jun 18 08:57:56 abacus kernel: [ 415.555201] ata5.00: cmd a0/00:00:00:00:00/00:00:00:00:00/a0 tag 0 Jun 18 08:57:56 abacus kernel: [ 415.555242] res 51/20:03:00:00:00/00:00:00:00:00/a0 Emask 0x40 (internal error) Jun 18 08:57:56 abacus kernel: [ 415.570483] ata5.00: status: { DRDY ERR } Jun 18 08:57:56 abacus kernel: [ 415.574695] ata5: hard resetting link Jun 18 08:57:56 abacus kernel: [ 415.924954] ata5: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Jun 18 08:57:56 abacus kernel: [ 415.936831] ata5.00: configured for UDMA/100 Jun 18 08:57:56 abacus kernel: [ 415.965001] ata5: EH complete Jun 18 08:58:02 abacus kernel: [ 421.529784] ata5.00: exception Emask 0x40 SAct 0x0 SErr 0x80800 action 0x6 Jun 18 08:58:02 abacus kernel: [ 421.529904] ata5.00: irq_stat 0x40000001 Jun 18 08:58:02 abacus kernel: [ 421.530023] ata5: SError: { HostInt 10B8B } Jun 18 08:58:02 abacus kernel: [ 421.530104] sr 4:0:0:0: CDB: Test Unit Ready: 00 00 00 00 00 00 Jun 18 08:58:02 abacus kernel: [ 421.530425] ata5.00: cmd a0/00:00:00:00:00/00:00:00:00:00/a0 tag 0 Jun 18 08:58:02 abacus kernel: [ 421.530466] res 51/20:03:00:00:00/00:00:00:00:00/a0 Emask 0x40 (internal error) Jun 18 08:58:02 abacus kernel: [ 421.530583] ata5.00: status: { DRDY ERR } Jun 18 08:58:02 abacus kernel: [ 421.530705] ata5: hard resetting link Jun 18 08:58:02 abacus kernel: [ 421.873218] ata5: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Jun 18 08:58:02 abacus kernel: [ 421.885040] ata5.00: configured for UDMA/100 Jun 18 08:58:02 abacus kernel: [ 421.913404] ata5: EH complete Are these critical error messages? What would be the cause and remedy?

    Read the article

  • mysqld_safe Can't log to error log and syslog at the same time. Remove all --log-error configuration options for --syslog to take effect

    - by photon
    When I'm trying to install MySQL 5.5 community edition on my Ubuntu 10.04 by compiling the source code, I met the following problem: $ fg % 1 sudo ../bin/mysqld_safe --basedir=/usr/local/mysql_community_5.5/data --user=mysql --defaults-file=/etc/my.cnf [sudo] password for linnan: Sorry, try again. [sudo] password for linnan: 121023 09:26:21 mysqld_safe Can't log to error log and syslog at the same time. Remove all --log-error configuration options for --syslog to take effect. Internal program error (non-fatal): unknown logging method '/usr/local/mysql_community_5.5/log/mysql.log' 121023 09:26:21 mysqld_safe Logging to '/var/log/mysql/error.log'. Internal program error (non-fatal): unknown logging method '/usr/local/mysql_community_5.5/log/mysql.log' 121023 09:26:22 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 121023 09:26:23 mysqld_safe mysqld from pid file /var/lib/mysql/ubuntu.pid ended It seems that the problem is related to log configuration. I've noticed a bugfix related to this problem: http://bugs.mysql.com/bug.php?id=50083 But I still have no idea how to solve it. The relative content in /etc/my.cnf: [mysqld] port = 3306 socket = /tmp/mysql.sock skip-external-locking key_buffer_size = 384M max_allowed_packet = 1M table_open_cache = 512 sort_buffer_size = 2M read_buffer_size = 2M read_rnd_buffer_size = 8M myisam_sort_buffer_size = 64M thread_cache_size = 8 query_cache_size = 32M # Try number of CPU's*2 for thread_concurrency thread_concurrency = 8 character-set-server=utf8 [mysqld-safe] basedir=/usr/local/mysql_community_5.5 datadir=/usr/local/mysql_community_5.5/data mysqld_safe_syslog.cnf: /etc/mysql/conf.d/mysqld_safe_syslog.cnf: [mysqld_safe] syslog

    Read the article

  • Correlating /var/log/* timestamps

    - by intuited
    /var/log/messages, /var/log/syslog, and some other log files use a timestamp which contains an absolute time, like Jan 13 14:13:10. /var/log/Xorg.0.log and /var/log/dmesg, as well as the output of $ dmesg, use a format that looks like [50595.991610] malkovich: malkovich malkovich malkovich malkovich I'm guessing/gathering that the numbers represent seconds and microseconds since startup. However, my attempt to correlate these two sets of timestamps (using the output from uptime) gave a discrepancy of about 5000 seconds. This is roughly the amount of time my computer was suspended for. Is there a convenient way to map the numeric timestamps used by dmesg and Xorg into absolute timestamps?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >