Search Results

Search found 55692 results on 2228 pages for 'error logging'.

Page 93/2228 | < Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100 | Next Page >

Log and debug/decrypt an windows application's HTTPS traffic

- by cweiske

I've got a proprietary windows-only application that uses HTTPS to speak with a (also proprietary, undocumented) web service. To ultimately be able to use the web service's functionality on my linux machines, I want to reverse-engineer the web service API by analyzing the requests sent by the application. Now the question: How can I decrypt and log the HTTPS traffic? I know of several solutions which don't apply in my case: Fiddler is a man-in-the-middle HTTPS proxy which I cannot use since the application doesn't support proxies. Also, I do not (yet) know if it works with self-signed server certificates, which I doubt. Wireshark is able to decrypt SSL streams if you have the server's private certificate, which I don't have. any browser extension since the application is not a browser If I remember correctly, there have been some trojans that capture online banking information by hooking into/replacing the window's crypto API. Since the machine is mine, low level changes are possible. Maybe there is a non-trojan (white-hat) network log application out there which does the same? There is a blackhat presentation with some details available to read. They refer to Microsoft Research Detour for easy API hooking.

Read the article
Benefits of log rotation

- by Manfred Moser

I have been using logrotation for years and never thought too much of it being a problem until I came across a question on stackoverflow (http://stackoverflow.com/questions/1508734/disable-java-log-rotation/) where someone wants to disable log rotation. To me with experience in having build server and even production servers cleaned up manually because logs are not rotated and discs are running out and suddenly machines come to a halt that all seems crazy, but it occurred to me that maybe it is not so obvious after all. So what are the benefits of log rotation? And what are the drawbacks (e.g. more difficult to debug/analyze maybe)? What tools do you find useful for working with rotated log files? Splunk I assume, but what else?

Read the article
create log for an encrypted tar

- by magiza83

I want to create an encrypted tar but also I want to have a log of what tar has compressed, I'm using the following command: tar -cvvf - --files-from=/root/backup.cfg | openssl des3 -salt -k backuppass | dd of=/root/tmp/back.encrypted But I need to have a log of tar's stdout. I don't know how to get it, because If I use "" in tar command openssl result is not correct. I've also checked tar manual hoping to find some option to write stdout to a file, but I have found nothing. any help? thanks & Regards.

Read the article
Grep all files in a directory and print matches with file name

- by javanix

I have a list of log files that I create as part of a video encoding script that I wrote. I would like to search all of them and print out certain statistics from the encode - how fast they were encoded, what settings were used, etc. I can search for the average framerate in one file via this 1 liner: cat ${filename} | grep average which outputs: work: average encoding speed for job is 23.211176 fps and search for the ratefactor: cat ${filename} | grep RF I would like to search all files in the directory and print off one, or prefereably both pieces of information along with the filename. Is there any way I can use find or grep to get this in a one-liner, or do I need to write a script? I would like output like this: /home/javanix/filename.log <RF line> <average line> I would like this to either work using FreeBSD 9 or Ubuntu 12.04.

Read the article
Du Meter Log file

- by Jack

Where can I find the Du Meter Log file? I tried searching C:\ProgramData\Hagel Technologies\DU Meter but the folder is empty. I also tried C:\Users\Username\AppData\Roaming and Local and LocalLow but none of them even have a Du Meter or Hagel Technologies folder. I even tried searching the temp folder but still nothing. I have a NetMeter.csv log file that I want to try and replace over the Du Meter log file cause I can't seem to find any other way to import data into Du Meter.

Read the article
Successful su for user by root in /var/log/auth.log

- by grs

I have this sorts of entries in my /var/log/auth.log: Apr 3 12:32:23 machine_name su[1521]: Successful su for user1 by root Apr 3 12:32:23 machine_name su[1654]: Successful su for user2 by root Apr 3 12:32:24 machine_name su[1772]: Successful su for user3 by root Situation: All users are real accounts in /etc/passwd; None of the users has its own crontab; All of those users are logged in the machine some time ago via SSH or No Machine - time varies from few minutes to few hours; no cron jobs are scheduled to run at that time, anacron is removed; I can see similar entries for other days and other times. The common part is the users are logged in when it appears. It does not appear during login, but some time afterwards. This machine has similar setup with few others but it is the only one where I see these entries. What causes them? Thanks

Read the article
logrotate: neither rotate nor compress empty files

- by Andrew Tobey

i have just set up an (r)syslog server to receive the logs of various clients, which works fine. only logrotate is still not behaving as intending. i want logrotate to create a new logfile for each day, but only to keep and store i.e. compress non-empty files. my logrotate config looks currently like this # sample configuration for logrotate being a remote server for multiple clients /var/log/syslog { rotate 3 daily missingok notifempty delaycompress compress dateext nomail postrotate reload rsyslog >/dev/null 2>&1 || true endscript } # local i.e. the system's very own logs: keep logs for a whole month /var/log/kern.log /var/log/kernel-info /var/log/auth.log /var/log/auth-info /var/log/cron.log /var/log/cron-info /var/log/daemon.log /var/log/daemon-info /var/log/mail.log /var/log/rsyslog /var/log/rsyslog-info { rotate 31 daily missingok notifempty delaycompress compress dateext nomail sharedscripts postrotate reload rsyslog >/dev/null 2>&1 || true endscript } # received i.e. logs from the clients /var/log/path-to-logs/*/* { rotate 31 daily missingok notifempty delaycompress compress dateext nomail } what i end up with is having is some sort of "summarized" files such as filename-datestampDay-Day and corresponding .gz files. What I do have are empty files, which are eventually zipped. so does the notifempty directive is in fact responsible for these DayX-DayY files, days on which really nothing happened? what would be an efficient way to drop both, empty log files and their .gz files, so that I eventually only keep logs/compressed files that truly contain data?

Read the article
How to go about rotating logs which are arbitrary named and placed in deeply nested directories?

- by Roman Grazhdan

I have a couple of hosts which are basically a playground for developers. On these hosts, each of them has a directory under /tmp where he is free to do all he wants - store files, write logs etc. Of course, the logs are to be rotated, or else the disc will be 100% full in a week. The files can be plenty, but I've dealt with it with paths like /tmp/[a-e]*/* and so on and lived happily for a while, but as they try new cool stuff on the machine logrotate rules grow ugly and unmanageable, and it's getting more difficult to understand which files hit the glob. Also, logrotate would segfault if asked to rotate a socket. I don't feel like trying to enforce some naming policies in that environment, I think it's going to take quite a lot of time and get people annoyed and still would fail at some point. And I still need to manage the logs, not just rm the dirs at night. So is it a good idea in circumstances like these to write a script which would handle these temporary files? I prefer sticking with standard utilities whenever possible, but here I think logrotate is getting less and less manageable. And probably someone heard of some logrotate alternatives which would work well in such an environment? I don't need emailing logs or some other advanced features, so theoretically some well commented find | xargs would do. P.S. I do have a log aggregator but this stuff is not going to touch my little cute logstash machine.

Read the article
Can Octopussy use messages other than syslog style?

- by Lee Lowder

I am currently exploring different options for a centralized log server. We use both Linux (Ubuntu 10.04 / 12.04, LTS for both) and Windows, though for this specific issue only Linux is relevant. I like the interface that octopussy has and it's feature list, but I am hesitant due to a few things. One of the biggest concerns I have is that it seems to be syslog only. The end goal is to have a centralized place for our devs and admins to be able to search through the logs generated by Apache, Tomcat and 70+ web apps spread out among a cluster, for both our prod and test environments. While I did see that octopussy has support for plugins, I haven't been able to find any sort of plugin repo or in depth guides as to what can be done with them. Does anyone know if plugins can be used to allow octopussy to non-syslog messages? Specifically log4j type log messages that may include multi-line stack traces and such. Also, is there a user community for this software, such as a mailing list or forum? I've been unable to locate any so far. Thank you.

Read the article
Weird Apache Access Logs

- by user38480

I see repeated requests like these in my Apache Access Logs and they have been eating up all my CPU. I have a normal WordPress installation. All i changed in the Apache Configuration was changing the DocumentRoot from /var/www/html to /var/www for both ssl and the default configuration. Also, the file referenced in the requests(updatedll.jpeg) does not exist on my server and also isn't referenced in the source code served by any page of the web application. Could this be a security threat? What are these actually and what can i do to stop them. I changed the ip address of my server. They still kept coming. Meaning that somebody is actually hitting the domain name and not the ip address. Why does my server send a 301 for these requests? Shouldn't it be sending a 404? Is it because Wordpress is installed in my root directory and the .htaccess file present for Wordpress is sending a 301 redirect? My disk access logs also seem to have high peaks intermittently. But nobody is actually accessing the site. I see no access logs except these below. Also, i see that all the requests seem to be coming from one of the following 5 ip addresses. 201.4.132.43 - - [05/Jun/2014:07:35:08 -0400] "GET /updatedll.jpg HTTP/1.1" 301 465 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; BTRS103681; GTB7.5; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; AskTbATU3/5.15.29.67612; BRI/2)" 187.40.241.48 - - [05/Jun/2014:07:35:08 -0400] "GET /updatedll.jpg HTTP/1.1" 301 465 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB7.5; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" 186.56.134.132 - - [05/Jun/2014:07:35:10 -0400] "GET /updatedll.jpg HTTP/1.0" 301 428 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 71.223.252.14 - - [05/Jun/2014:07:35:13 -0400] "GET /updatedll.jpg HTTP/1.1" 301 465 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; BTRS31756; GTB7.5; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; InfoPath.2)" 85.245.229.167 - - [05/Jun/2014:07:35:14 -0400] "GET /updatedll.jpg HTTP/1.1" 301 465 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; MAAU; .NET4.0C; BRI/2; .NET4.0E; MAAU)"

Read the article
Boot log for Windows XP

- by JasCav

Where can I find a step-by-step boot log of my Windows XP machine? I'm looking for something akin to the boot log you would get in Linux (with what is running at what times, how long it is running, etc). I am specifically interested in the what is happening after I get out of initial boot phase (AKA, the Windows XP logo goes away and I move to the generic blue background, and as I log in as a user onto the machine).

Read the article
Is there a filesystem firewall?

- by Jenko

Ever since firewalls appeared on the scene, it became hard for rogue programs to access the internet. But you and I know that running applications get unrestricted access to the filesystem. They can read your files and send them to poppa. (programs such as web browsers and IM clients, which are allowed thru the internet firewall) Any way to know which programs are accessing your files? or limit their access to a specific partition?

Read the article
SQL Server, ad group as a user: dropping many users at once

- by jrara

I have an AD group as a database user. When I try to drop this group from the database users, using DROP USER [this_is_the_ad_group] the group will be dropped but all the individual users in this group will not. How to delete this group and all its users at once?

Read the article
Setting the Server Port in D-Link Router for eMailing Logs

- by Synetech

Does anyone know how to set the port for the email server in the Status->Log section of the D-Link DI-524? I’ve tried the setting below but it does not seem to work. I don’t want to use the default port 25 if I can avoid it. (No, the server and email address in the snap are irrelevant, you can replace the server with hotmail.com or whatever and address with a valid one; the question I am trying to figure out is how to set the port.)

Read the article
Is there an easily configurable way to inject data into IIS 6 SMTP logs?

- by Lorcan O'Neill

I am using IIS 6 SMTP server to send out some mail on our behalf. I am also storing each message we send in a SQL table - with a UUID representing each message. I would like to be able to inject additional data into the SMTP logs located in SMTPSVC1 - an additional field which would contain this UUID in the event of a RCPT cs-method call. This is so that I can check a one-to-one relationship between messages sent in SQL and messages actually sent through SMTP. If possible, I would like to avoid writing a C++ custom logger as some sites I've viewed have suggested. Is there an easily configurable way to inject this data into IIS 6 logs? Even if it was only the ability to perform a regex on the data/headers of the outgoing email, that would be enough. Thanks!

Read the article
A good log file analyzer for windows

- by Raminder

Is there a text-editor for windows that can open for me first n lines of a large file? It would be nice if it could also open a set of lines from the middle of the file. EDIT: Basically my requirement is that I want to analyze huge(2GB) log files. So any good tool that can open huge files with some analysis capabilities(searching, text highlighting etc.) would be nice. I like notepad++ but it wouldn't open a file even of about 650 MB. P.S. - Open source tools will be preferred.

Read the article
central log-server with auditdisp

- by johan

I want to setup a central log-server. The log-server is running with debian 6.0.6 and the audit daemon is installed in version 1.7.13-1. The Clients are running with Red Hat 5.5 and they connect to the log-server via audispd. The connection works fine and i get all messages from each node. My questions is: is it possible that the auditd daemon from the log server write the messages from each node in a separate file? I try to transfer the messages via the syslog daemon, that works but i can not use tools like ausearch to analyze these log-files.

Read the article
Logfile software for making querys, extracting and other operations

- by Juw

I have written an app that connects to a server IIS 6 to retrieve information. When doing this i have collected data (phone model etc) and send it to the server with a regular GET HTTP call like this: http://www.myserver.com/getData.php?phonemodel=userphone&appversion=2&id=20 This is logged in the IIS logfiles. I thought of writing my own parser for log files. But why invent the wheel? I´m looking for a software that can read the IIS 6 logfiles. I would like it to be able to do: Extraction - Extract all lines that contains: www.myserver.com/getData Filtering - View all lines where http-code is not 200 Queries - View all lines where phonemodel=iphone Any tips on free software that can help me with this? Thanx in advance!

Read the article
Strange GET requests in logs

- by alfred

I'm getting the following GET requests in my apache logs: 109.230.251.14 - - [29/Mar/2011:16:28:18 +0100] "GET http://209.191.92.114/config/pwtoken_get?login=jackmcphee232&src=ygodgw&passwd=e59e2240415e6f1aba3da72b8f189f4e&challenge=9TbU_9yfZhKmzlHtK9X4OkQlesTH&md5=1 HTTP/1.0" 404 1226 "-" "-" Any idea what it could be and how is that possibly a get request? That IP address seems to point to Yahoo! I'm very confused.

Read the article
How do I capture the output of a tty while still allowing sent characters to reach the correct desti

- by Zak

I currently have some systems that multiple people have access to for administration purposes. We've modified the history log so that we capture 2k lines of history per user to help aid in who has done what on the system. However, we would additionally like to capture all keyboard input when we (the administrators) log in, and log it to a file so we can see what changes were made to files once people go into vi to edit them. It will also aid us in documenting when we are going through a compile of software and the like. How can I do this? CentOS 5.4 if it makes a difference.

Read the article
How can i get log messages from LAMP server on Ubuntu 10.04?

- by meyosef

How can I get log messages from LAMP server on Ubuntu 10.04? Should I install some good program on Ubuntu for that purpose? Thanks

Read the article
Log incoming requests on Ubuntu (ports 80, 443)

- by Maxim Eliseev

We have Tomcat running on Ubuntu server. It runs a web service, open to the internet. Sometimes it has a sudden spike of traffic and goes down. There is nothing unusual in Tomcat access logs. I guess it is because some of the requests are so 'heavy' that they never finish and hence are not recorded to Tomcat access logs. Is there a way to configure Ubuntu to log incoming requests in the following format (below)? Date, Time, URL (with query string params), IP address (of client) There should be one line per request. Each request should be logged before it is executed. Only incoming requests to ports 80 and 443 should be logged.

Read the article
Log viewer server and client

- by Scott Crooks

I'm looking for a log viewing solution for (mostly) Linux and (preferably) Windows too. I want to be able to centralize the log information for a lot of servers so that people in the company can see what's going on for different servers. I would guess this would involve having a central server which accepts information from the various computers / virtual machines with (perhaps) a running daemon on each of the servers. Does such a software exist?

Read the article
Weird stuff in in my /var/log/auth.log

- by xXx

I just check my logs on my deed serv, i spotted some weird log in the auth.log : Jun 17 22:27:01 mutualab CRON[16249]: pam_unix(cron:session): session opened for user user by (uid=0) Jun 17 22:27:01 mutualab CRON[16249]: pam_unix(cron:session): session closed for user user Jun 17 22:28:01 mutualab CRON[16253]: pam_unix(cron:session): session opened for user user by (uid=0) Jun 17 22:28:01 mutualab CRON[16253]: pam_unix(cron:session): session closed for user alain Jun 17 22:29:01 mutualab CRON[16257]: pam_unix(cron:session): session opened for user user by (uid=0) Jun 17 22:29:01 mutualab CRON[16257]: pam_unix(cron:session): session closed for user user Looks like somebody try to log - and suceed ? - but delog instantly ? I got the same log for hours now... Do you know what happens ? N.B : it's a 10.04 ubuntu server

Read the article
For how long do I need to store the logs?

- by mindas

I will soon be running an internet-based public service which will physically be hosted in the UK on a virtual server. The virtual server is provided by the ISP. I was wondering if there is/are any legal requirement(s) to keep access logs, and if yes - for how long? There is a Wikipedia article that touches this subject but I'm afraid my brain just can't grasp the legislative gibberish. I believe there's EU law and there's UK law; and I do need to comply to both, right? Can somebody explain this in pure layman's terms?

Read the article

< Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100 | Next Page >