The /var/log/messages file is written to sequentially. On a weekly basis,
it is rotated (the .n files you saw), so that it does not get too large. It
is not possible for the timestamps to be out of sequence unless you have
been juggling timezones - I noticed when you posted previously that your
email timestamps were not correct. Are you sure that you haven't been
viewing all the files via one command string (e.g. "more messages*")? Also
you noted below that the file is called messages.unx - have you renamed it?
This is a system managed file and should be left alone, apart from
read-only access via the "tail" command.
At 18:10 26/3/2001, you wrote:
> > E.g. dates might appear (in small batches) in this
> > order, using our most recent 'messages' log as an
> > example (summary below, reply for copy of the
> > whole messages[.unx] log file):
> >
> > Mar 26's (syslogd ... restart...)
> > Mar 26's (kernel logs DENY's - lots... maybe an intrustion...?)
> > Mar 27's (OK)
> > Mar 27 01:01 about an hour since prev entry (kernel log DENY ppp0)
> > Mar 4's a batch from 23:54 syslogd restart... apparently after a
> > re-boot!
Des Dougan
