On Sat, Dec 21, 2013 at 9:46 PM, Cliff Pratt wrote:
> John's suggestion is still pertinent. You'll need a SIGHUP handler in your
> script. Logrotate could send the SIGHUP in a postrotate 'script'.
Thanks!
> On Sun, Dec 22, 2013 at 3:15 PM, Larry Martell wrote:
>
>> On Sat, Dec 21, 2013 at 8:52
John's suggestion is still pertinent. You'll need a SIGHUP handler in your
script. Logrotate could send the SIGHUP in a postrotate 'script'.
Cheers,
Cliff
On Sun, Dec 22, 2013 at 3:15 PM, Larry Martell wrote:
> On Sat, Dec 21, 2013 at 8:52 PM, John R Pierce
> wrote:
> > On 12/21/2013 4:56 PM,
On 12/21/2013 6:15 PM, Larry Martell wrote:
> This is not using syslog. If you look at the daemonizing script I gave
> the link to, you pass in the log files for stdout and stderr, and it
> does some double fork magic and then associates the given files with
> them
i rarely read links on emails, a
On Sat, Dec 21, 2013 at 8:52 PM, John R Pierce wrote:
> On 12/21/2013 4:56 PM, Larry Martell wrote:
>> I'm looking for advice or suggestions for rolling log files with a
>> daemon. I have a python script that I daemonized with
>> http://www.jejik.com/articles/2007/02/a_simple_unix_linux_daemon_in_
On 12/21/2013 4:56 PM, Larry Martell wrote:
> I'm looking for advice or suggestions for rolling log files with a
> daemon. I have a python script that I daemonized with
> http://www.jejik.com/articles/2007/02/a_simple_unix_linux_daemon_in_python/.
> Before I daemonized it it was run from a bash scr
I'm looking for advice or suggestions for rolling log files with a
daemon. I have a python script that I daemonized with
http://www.jejik.com/articles/2007/02/a_simple_unix_linux_daemon_in_python/.
Before I daemonized it it was run from a bash script that invoked the
underlying python script. It ra
AM
> Subject: [CentOS] Log viewing and analysis tools
>
> > I have a requirement to allow our security officer to regularly view and
> > analyze the logging and auditing results of one of the machines in our
> > lab. He comes from the Microsoft Windows world and is not a *nix
From: David McGuffey
To: centos@centos.org
Sent: Tuesday, August 28, 2012 2:51 AM
Subject: [CentOS] Log viewing and analysis tools
> I have a requirement to allow our security officer to regularly view and
> analyze the logging and auditing results of one of the machines in our
>
Please check which one suits you more; both are web-based: Octopussy or
LogAnalyzer
http://loganalyzer.adiscon.com/
http://sourceforge.net/projects/syslog-analyzer/
On Tue, Aug 28, 2012 at 3:21 PM, David McGuffey
wrote:
> I have a requirement to allow our security officer to regularly view and
>
I have a requirement to allow our security officer to regularly view and
analyze the logging and auditing results of one of the machines in our
lab. He comes from the Microsoft Windows world and is not a *nix
trained person.
I know I can configure logwatch. I can also create a script containing
v
Same here,
I just recently started using/testing rsyslogd (to mysql [native mysql support
is great])+LogAnalyzer web front end for a central log host. So far it's been
working quite well. Worth checking out
Aly
Sent from my BlackBerry device on the Rogers Wireless Network
__
: Re: [CentOS] Log monitoring
centos-boun...@centos.org wrote:
> Bowie Bailey wrote:
>> On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
>>> Hi all,
>>> Currently I do 'tail -f /var/log/messages | grep something' to
>>> monitor/tune in my iptables rules.
centos-boun...@centos.org wrote:
> Bowie Bailey wrote:
>> On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
>>> Hi all,
>>> Currently I do 'tail -f /var/log/messages | grep something' to
>>> monitor/tune in my iptables rules.
>>>
>>> Based on your experience, are there any tools that do that better, like:
>>> -
Bowie Bailey wrote:
> On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
>> Hi all,
>> Currently I do 'tail -f /var/log/messages | grep something' to
>> monitor/tune in my iptables rules.
>>
>> Based on your experience, are there any tools that do that better, like:
>> - color
>> - grepping multiple keywords
>> -
On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
> Hi all,
> Currently I do 'tail -f /var/log/messages | grep something' to
> monitor/tune in my iptables rules.
>
> Based on your experience, are there any tools that do that better, like:
> - color
> - grepping multiple keywords
> - some statistic
I don't know
Hi all,
Currently I do 'tail -f /var/log/messages | grep something' to
monitor/tune in my iptables rules.
Based on your experience, are there any tools that do that better, like:
- color
- grepping multiple keywords
- some statistic
Thank you
Fajar.
___
CentOS
I have deployed LogAnalyzer, and it has been working great in our environment.
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of
Les Mikesell
Sent: Thursday, March 03, 2011 12:08 PM
To: centos@centos.org
Subject: Re: [CentOS] log
2011/3/3 Janez Kosmrlj :
> Hi folks,
> In the company where i work, we are implementing a security standard. A part
> of this is a log monitoring and reporting software. There are a few
> requirements, that the software must fulfil:
> - It must be capable of collecting logs from different devices (
On 3/3/2011 10:22 AM, rai...@ultra-secure.de wrote:
>
>> It doesn't deal with logs as files, but if syslog messages are sent or
>> forwarded to it, it can generate events and notifications from the
>> central configuration.
>> http://www.opennms.org/wiki/Syslogd
>>
>
> That's probably not what the
> It doesn't deal with logs as files, but if syslog messages are sent or
> forwarded to it, it can generate events and notifications from the
> central configuration.
> http://www.opennms.org/wiki/Syslogd
>
> --
>Les Mikesell
> lesmikes...@gmail.com
>
That's probably not what the OP wante
On 3/3/2011 8:00 AM, Janez Kosmrlj wrote:
>
>
> OpenNMS is a good snmp monitoring framework with
> notification/reporting. It
> doesn't 'collect' logs but you can configure it to receive syslog
> from other
> machines and there are a variety of other ways you can pick up data.
Geoff Galitz wrote:
> You might want to think about:
>
> syslog-ng/rsyslog remote logging + syslog-ng/rsyslog master log receiver +
> splunk
CentOS6 (will) use rsyslog by default and rsyslog is available with
CentOS5, so you might want to use rsyslog rather than syslog-ng for
CentOS hosts.
It has to collect logs from syslog (or similar service ), because one
requirement for certification is "log history from all devices in one place".
And since we are talking about 1500 devices it should be easy to configure and
maintain.
--
You might want to think about
Subject: Re: [CentOS] log monitoring and reporting software
On Thu, Mar 3, 2011 at 2:46 PM, Les Mikesell wrote:
On 3/3/11 3:12 AM, Janez Kosmrlj wrote:
> Hi folks,
> In the company where i work, we are implementing a security standard. A part
> of
> this is a log monitoring a
On Thu, Mar 3, 2011 at 2:46 PM, Les Mikesell wrote:
> On 3/3/11 3:12 AM, Janez Kosmrlj wrote:
> > Hi folks,
> > In the company where i work, we are implementing a security standard. A
> part of
> > this is a log monitoring and reporting software. There are a few
> requirements,
> > that the softw
On 3/3/11 3:12 AM, Janez Kosmrlj wrote:
> Hi folks,
> In the company where i work, we are implementing a security standard. A part
> of
> this is a log monitoring and reporting software. There are a few requirements,
> that the software must fulfil:
> - It must be capable of collecting logs from d
On 03/03/11 1:12 AM, Janez Kosmrlj wrote:
> Hi folks,
> In the company where i work, we are implementing a security standard.
> A part of this is a log monitoring and reporting software. There are a
> few requirements, that the software must fulfil:
> - It must be capable of collecting logs from
Hi folks,
In the company where i work, we are implementing a security standard. A part
of this is a log monitoring and reporting software. There are a few
requirements, that the software must fulfil:
- It must be capable of collecting logs from different devices (Linux
machines, network equipment,
Spiro Harvey wrote:
On Sun, 27 Feb 2011 15:33:57 -0500
Rob Kampen wrote:
One of my servers is using ISO datetime formats
(2011-02-27T15:22:15.519857-05:00) in the logs
the rest use the default redhat/CentOS format (Feb 27 15:10:21).
After a couple of hours searching google I cannot find wh
Albert McCann wrote:
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Rob Kampen
Sent: Sunday, February 27, 2011 3:34 PM
To: CentOS mailing list
Subject: [CentOS] log time formats - where is this defined
One of my servers is using ISO
On Sun, 27 Feb 2011 15:33:57 -0500
Rob Kampen wrote:
> One of my servers is using ISO datetime formats
> (2011-02-27T15:22:15.519857-05:00) in the logs
> the rest use the default redhat/CentOS format (Feb 27 15:10:21).
> After a couple of hours searching google I cannot find where this is
> def
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of Rob Kampen
> Sent: Sunday, February 27, 2011 3:34 PM
> To: CentOS mailing list
> Subject: [CentOS] log time formats - where is this defined
>
> One of my serve
One of my servers is using ISO datetime formats
(2011-02-27T15:22:15.519857-05:00) in the logs
the rest use the default redhat/CentOS format (Feb 27 15:10:21).
After a couple of hours searching google I cannot find where this is
defined.
I know I changed it some months ago as an experiment but f
Maybe the list doesn't accept attachments if that's what you have been sending.
Please try using something like pastebin.com and include the URL in your email.
On 7/10/10, mj wrote:
> My log seems not to be accepted by the list
>
>
> ___
> CentOS maili
My log seems not to be accepted by the list
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Hi,
Thanks for your reply.
Cron is indeed installed and started. I had a logrotate script in cron.daily.
When i ran logrotate -d -f logrotate.conf first it failed to complete
with an error having to do with ftp, corrected that, reran it, this
time it completed successfully but the major file had no
On Sunday 14 March 2010 20:38:23 David Mehler wrote:
> Thanks for your reply. Crontabs package is indeed installed.
Various things:
1- Check that indeed crond is running (ps -ef | grep cron)
2- Check that the logrotate script is indeed in the /etc/cron.daily|hourly|
weekly directories...
3- the b
Hi,
Thanks for your reply. Crontabs package is indeed installed.
Thanks.
Dave.
On 3/14/10, Wes Shull wrote:
> On Sun, Mar 14, 2010 at 5:10 PM, David Mehler wrote:
>> I've got a Centos 5.4 box that is not rotating its mail logs. I just
>> found out about this, the file is considerably large. I'
On Sun, Mar 14, 2010 at 5:10 PM, David Mehler wrote:
> I've got a Centos 5.4 box that is not rotating its mail logs. I just
> found out about this, the file is considerably large. I've included my
> log rotation configs if anyone has any suggestions i'm open to them.
I had a system, set up very
Hello,
I've got a Centos 5.4 box that is not rotating its mail logs. I just
found out about this, the file is considerably large. I've included my
log rotation configs if anyone has any suggestions i'm open to them.
Thanks.
Dave.
/etc/rsyslog.conf:
# Log all kernel messages to the console.
# Logg
--- On Sun, 8/30/09, Dave wrote:
> Hello,
> I've got a centos 5.3 machine that is
> running services http and ftp
> which are the two services i've noticed this on. When log
> rotation happens
> the old logs are renamed and compressed, but new logs httpd
> and pure-ftpd
> have zero lengths. F
Hello,
I've got a centos 5.3 machine that is running services http and ftp
which are the two services i've noticed this on. When log rotation happens
the old logs are renamed and compressed, but new logs httpd and pure-ftpd
have zero lengths. From that point log writing is not working. I've
Spiro Harvey wrote:
> Les Mikesell wrote:
>> Don't count on the same stability with python. It has an annoying
>> habit of changing syntax in non-backwards compatible ways with no
>
> You seem to be hell-bent (excuse the pun) on turning this into a jihad
> on scripting languages. Please take the
On Tue, Jan 06, 2009, Kai Schaetzl wrote:
>
>Bill Campbell wrote on Mon, 5 Jan 2009 16:02:29 -0800:
>
>> (which we are running for Zope compatibility
>> as the version of Zope we're running doesn't work with python-2.5.x.
>
>you did realize that this is another python compatibility issue, did
Bill Campbell wrote on Mon, 5 Jan 2009 16:02:29 -0800:
> (which we are running for Zope compatibility
> as the version of Zope we're running doesn't work with python-2.5.x.
you did realize that this is another python compatibility issue, did you
;-)
Kai
--
Kai Schätzl, Berlin, Germany
G
On Mon, Jan 05, 2009, Les Mikesell wrote:
>Bill Campbell wrote:
>>
>> I used to some pretty complex shell and awk scripts before learning perl
>> about 20 years ago. Perl allowed me to do most things in a single language
>> including fairly low-level system calls that I previously had to do with
Les Mikesell wrote:
> Don't count on the same stability with python. It has an annoying
> habit of changing syntax in non-backwards compatible ways with no
You seem to be hell-bent (excuse the pun) on turning this into a jihad
on scripting languages. Please take the credo of your own favoured
re
Bill Campbell wrote:
>
> I used to some pretty complex shell and awk scripts before learning perl
> about 20 years ago. Perl allowed me to do most things in a single language
> including fairly low-level system calls that I previously had to do with
> compiled ``C'' programs.
And you can probabl
On Tue, Jan 06, 2009, Spiro Harvey wrote:
>> Why not just start with perl which does more than sed/awk while using
>> similar syntax (if you want)?
>
>This is why:
>
>awk '/^[[:space:]]*word/ {print}' logfile
>
>vs
>
>perl -ne 'if (/^\s*word/) { print $_; }' logfile
>
>Which syntax is likely to be
Spiro Harvey wrote:
>> Why not just start with perl which does more than sed/awk while using
>> similar syntax (if you want)?
>
> This is why:
>
> awk '/^[[:space:]]*word/ {print}' logfile
>
> vs
>
> perl -ne 'if (/^\s*word/) { print $_; }' logfile
>
>
> Which syntax is likely to be easier t
> Why not just start with perl which does more than sed/awk while using
> similar syntax (if you want)?
This is why:
awk '/^[[:space:]]*word/ {print}' logfile
vs
perl -ne 'if (/^\s*word/) { print $_; }' logfile
Which syntax is likely to be easier to remember?
--
Spiro Harvey
Joseph L. Casale wrote:
>> to match one or more, use + instead of *.
>>
>> * matches 0 or more, + matches 1 or more.
>
> Thanks!
>
>>> I have to buy a book on RegEx's and Sed :)
>> http://www.gnu.org/manual/gawk/gawk.pdf
>>
>> (G)awk is pretty sh!t hot where I work; however we've extended it a
>>
On Mon, 2009-01-05 at 13:40 -0700, Joseph L. Casale wrote:
> >to match one or more, use + instead of *.
> >
> >* matches 0 or more, + matches 1 or more.
>
> Thanks!
>
> So gawk does all that sed does and more? I suppose I can start with
Tons. You can write fairly complex programs with (g)awk.
> So gawk does all that sed does and more? I suppose I can start with
Can't really answer that. In 15 years of using UNIX systems, I've never
touched sed. :)
With Gawk's BEGIN and END blocks you can use it to write full
programs, which is kind of nice.
> that in this case, I always wanted a boo
>to match one or more, use + instead of *.
>
>* matches 0 or more, + matches 1 or more.
Thanks!
>> I have to buy a book on RegEx's and Sed :)
>
>http://www.gnu.org/manual/gawk/gawk.pdf
>
>(G)awk is pretty sh!t hot where I work; however we've extended it a
>bit. :)
So gawk does all that sed does
On Mon, 5 Jan 2009, Joseph L. Casale wrote:
>> The regex you want is "^[[:space:]]*word"
>
> Wow, thanks everyone for the help! How does one modify this to also
> knock out lines that *must* have whitespace followed by a number
> [0-9]? I can do it using "^[[:space:]]*[0-9]" but it also takes ou
On Jan 5, 2009, at 2:56 PM, Joseph L. Casale wrote:
The regex you want is "^[[:space:]]*word"
Wow, thanks everyone for the help! How does one modify this to also
knock out
lines that *must* have whitespace followed by a number [0-9]? I can
do it using
"^[[:space:]]*[0-9]" but it also take
> [0-9]? I can do it using "^[[:space:]]*[0-9]" but it also takes out
> lines w/o whitespace that begin with numbers?
to match one or more, use + instead of *.
* matches 0 or more, + matches 1 or more.
> I have to buy a book on RegEx's and Sed :)
http://www.gnu.org/manual/gawk/gawk.pdf
(G)awk
>The regex you want is "^[[:space:]]*word"
Wow, thanks everyone for the help! How does one modify this to also knock out
lines that *must* have whitespace followed by a number [0-9]? I can do it using
"^[[:space:]]*[0-9]" but it also takes out lines w/o whitespace that begin with
numbers?
I have
> awk '$1 == "word"{print}' /var/log/messages
This example assumes that word is the first field and that it consists
only of "word". If the first field is "word1" this won't match.
Fixes for this are
awk '$1 ~ "word"{print}'
(this matches any occurrence of "word" in the first field)
or:
awk
What about:
perl -ne 'if (/^\s*word/) { print $_; }' logfile
any others?
On Mon, Jan 5, 2009 at 11:45 AM, Joseph L. Casale
wrote:
> I need to review a logfile with Sed and cut out all the lines that start with
> a certain word, problem
> is this word begins after some amount of whitespace and
On Mon, 5 Jan 2009, Joseph L. Casale wrote:
> I need to review a logfile with Sed and cut out all the lines that
> start with a certain word, problem is this word begins after some
> amount of whitespace and unless I search for whitespace at the
> beginning followed by "word" I may encounter "w
On Mon, Jan 05, 2009, Joseph L. Casale wrote:
>I need to review a logfile with Sed and cut out all the lines that start with
>a certain word, problem
>is this word begins after some amount of whitespace and unless I search for
>whitespace at the
>beginning followed by "word" I may encounter "word
I need to review a logfile with Sed and cut out all the lines that start with a
certain word, problem
is this word begins after some amount of whitespace and unless I search for
whitespace at the
beginning followed by "word" I may encounter "word" somewhere legitimately
hence why
I don't just se
On Tuesday 11 March 2008 15:33:36 Hiep Nguyen wrote:
> hi all, where exactly sshd log files???
>
> this is what i have in /etc/sshsshd_config
>
> SyslogFacility AUTHPRIV
>
> if i want to log who login/logout sshd, what option do i need to turn
> on???
>
> thanks,
> t. hiep
>
Logwatch can supply you
Hiep Nguyen wrote:
hi all, where exactly sshd log files???
this is what i have in /etc/sshsshd_config
SyslogFacility AUTHPRIV
if i want to log who login/logout sshd, what option do i need to turn on???
/var/log/secure
thanks,
t. hiep
hi all, where exactly sshd log files???
this is what i have in /etc/sshsshd_config
SyslogFacility AUTHPRIV
if i want to log who login/logout sshd, what option do i need to turn
on???
thanks,
t. hiep
On Tuesday 05 February 2008 12:00, Ray Van Dolson wrote:
> iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix "WWW "
I was thinking more along these lines for a rule:
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j LOG --log-prefix
"[WWW] : " --log-tcp-options --log-ip-optio
On Tue, Feb 05, 2008 at 09:29:30AM -0800, John R Pierce wrote:
> Tony Schreiner wrote:
>>> assuming you want to log user web browsing traffic, configuring a Squid
>>> transparent proxy at your network border would be the best way. its
>>> logfiles are quite similar to those of a webserver, so yo
On Tue, Feb 05, 2008, Tony Schreiner wrote:
>
>On Feb 5, 2008, at 12:15 PM, John R Pierce wrote:
>
>>Tony Schreiner wrote:
>>>Is there a way to log outbound connections to a specific port (80)?
>>>CentOS 4.6.
>>
>>
>>assuming you want to log user web browsing traffic, configuring a
>>Squid transp
Tony Schreiner wrote:
assuming you want to log user web browsing traffic, configuring a
Squid transparent proxy at your network border would be the best
way. its logfiles are quite similar to those of a webserver, so you
can use a wide range of log analysis tools.
To get more specific abou
>
> To get more specific about what's going on. My network services have
> informed me that the machine is probing other systems at a high rate. An
> infection of some sort. And I'm trying to track down what's going on.
>
The LOG target lets you display the user id of the process I believe,
but
On Feb 5, 2008, at 12:15 PM, John R Pierce wrote:
Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
assuming you want to log user web browsing traffic, configuring a
Squid transparent proxy at your network border would be the best
way.
Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
assuming you want to log user web browsing traffic, configuring a Squid
transparent proxy at your network border would be the best way. its
logfiles are quite similar to those of a webserve
On Feb 5, 2008, at 12:00 PM, Ray Van Dolson wrote:
On Tue, Feb 05, 2008 at 11:56:48AM -0500, Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
iptables?
iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix "WWW "
You might want to ta
On Tue, Feb 05, 2008 at 11:56:48AM -0500, Tony Schreiner wrote:
> Is there a way to log outbound connections to a specific port (80)?
> CentOS 4.6.
>
> iptables?
>
iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix "WWW "
You might want to tack --syn on there as well to only log the packet
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
iptables?
Thanks
Tony Schreiner
Boston College
On Mon, Jan 07, 2008, Les Mikesell wrote:
>Bill Campbell wrote:
>
>>> Given my experience in Linux is limited currently, what do you guys
>>> use to monitor logs such as `messages' on your centos servers? I had a
>>> hardware failure that happened in between me manually looking (of
>>> course..
Bill Campbell wrote:
Given my experience in Linux is limited currently, what do you guys
use to monitor logs such as `messages' on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course...). I would hope it might have a some features to emai
Joseph L. Casale wrote:
Given my experience in Linux is limited currently, what do you guys
use to monitor logs such as ‘messages’ on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course…). I would hope it might have a some features to email cr
On Mon, Jan 07, 2008, Joseph L. Casale wrote:
>
> Given my experience in Linux is limited currently, what do you guys
> use to monitor logs such as `messages' on your centos servers? I had a
> hardware failure that happened in between me manually looking (of
> course...). I would hope it mi
Given my experience in Linux is limited currently, what do you guys use to
monitor logs such as 'messages' on your centos servers? I had a hardware
failure that happened in between me manually looking (of course...). I would
hope it might have a some features to email critical issues etc...
Tha