CTED]>
Sent: Friday, September 26, 2003 3:16 PM
Subject: Re: Chroot Jail Time - extra syslogd instances
> On Fri, 26 Sep 2003 14:11:44 -0500
> "Brett Franck" <[EMAIL PROTECTED]> wrote:
>
> > How do you teach a chroot jail the correct time?
> >
> > Br
On Fri, 26 Sep 2003 14:11:44 -0500
"Brett Franck" <[EMAIL PROTECTED]> wrote:
> How do you teach a chroot jail the correct time?
>
> Brett
Hey Brett,
I know your question is in regard to the syslogd chroot environment we
talked about this morning. Attached is an
Sean,
Works like a champ, thanks!!!
Brett
- Original Message -
From: "Sean Estabrooks" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 26, 2003 6:49 AM
Subject: Re: Syslogd UDP Port
> On Thu, 25 Sep 2003 16:19:18 -0500
> "Brett
On Thu, 25 Sep 2003 16:19:18 -0500
"Brett Franck" <[EMAIL PROTECTED]> wrote:
> If it is possible, how would you map say UDP port 515 to syslog and have
> syslog report it to a specific logfile through the syslog.conf file?
Hi Brett,
Here's one way to do it using the
>From: "Brett Franck" <[EMAIL PROTECTED]>
>Sent: Thursday, September 25, 2003 11:19 PM
>Sorry if this is somewhat of a newbie question, but I've been searching the
web for some time looking for a decent answer for this:
>Is there a way to have the syslog daemon "listen" to more ports than 514?
Ma
Sorry if this is somewhat of a newbie question, but
I've been searching the web for some time looking for a decent answer for
this:
Is there a way to have the syslog daemon "listen"
to more ports than 514? Many routers are configurable for sending syslog
out multiple
or different UDP por
Hi,
This probably is the wrong forum for this but I really need some help. I
am stuck with using "Syslogd" on Solaris and it doesn't have the
capabilities similar to he Linux Syslogd e.g. using the "*.=info"
options etc. Is there some syslogd (Free\OpenSource) for Sola
On Fri, Mar 21, 2003 at 03:30:30PM -0500, Hong Tian wrote:
> > To do what you want feed the messages into a named pipe that is
> > processed by a script.
> I should create the script on syslogd client not on syslogd server, is it
> right?
No, the script the reads from the n
Hong Tian wrote:
Hi,
We have a syslog server on Red hat 7.3. All other linux servers send system
log information to the default log file named "messages" on the log server
(/var/log/messages). Since all log data are sending to the same messages
file, the size of message file is growing very fast.
> To do what you want feed the messages into a named pipe that is
> processed by a script.
I should create the script on syslogd client not on syslogd server, is it
right?
> mkfifo /var/log/hostLogging
Could I use touch instead of mkfifo? What is the benefit by using mkfifo?
> To
Hong Tian said:
> Hi,
>
> We have a syslog server on Red hat 7.3. All other linux servers send
> system log information to the default log file named "messages" on the log
> server (/var/log/messages). Since all log data are sending to the same
> messages file, the size of message file is growing v
On Fri, Mar 21, 2003 at 09:52:21AM -0500, Hong Tian wrote:
> . My question is how to
> modify the syslog configuration file so that each log client can send its
> log data separately to the log server based on its host name.
You can't configure the normal syslog daemon to separate the
Hi,
We have a syslog server on Red hat 7.3. All other linux servers send system
log information to the default log file named "messages" on the log server
(/var/log/messages). Since all log data are sending to the same messages
file, the size of message file is growing very fast. My question is ho
Hi all
Hi all
i have just compiled & installed the tcpserver on
my redhat linux 7.3
system , before compiling i have made a samll change
in the makefile as follows
FACILITY=LOG_MAIL line changed to FACILITY=LOG_AUTH
then i compiled , however i have observed that the
tcp wrapper is sendin
w collection.
>
> Lately the machine has been running extremely slow whenever anything
> that happens on the box needs to syslog something (su, logins, etc.).
> I've checked /var/log/messages and it repeatedly contains the
> following line:
>
> Sep 6 14:23:54 cinshr
happens on the box needs to syslog something (su, logins, etc.).
I've checked /var/log/messages and it repeatedly contains the
following line:
Sep 6 14:23:54 cinshrnms02 syslogd: recvfrom inet: Resource
temporarily unavailable
Notice the Recv-Q for the syslog port (UDP 514) in the netstat o
Hey:
I have a redhat 7.2 system running. It has a syslogd daemon running.
I cutomized the syslogd.c program. But Hhere is a silly question:
How do I compile my customized syslogd.c program and where and
how do I deploy it on my linux system? Any suggestion will
be appreciated.
Thanks
On Wed, 10 Apr 2002, John Horne wrote:
> On 10-Apr-2002 at 09:33:59 John Horne wrote:
> > Most. The inclusion of syslog into this didn't happen until RH7.2 (for
> > those of us still running 7.1, we still have to hack the startup script
> >
> My mistake - it was introduced in 7.1 (I was looking
On 10-Apr-2002 at 09:33:59 John Horne wrote:
> Most. The inclusion of syslog into this didn't happen until RH7.2 (for
> those of us still running 7.1, we still have to hack the startup script
>
My mistake - it was introduced in 7.1 (I was looking at the wrong system).
I'll keep quiet now :-)
Joh
On 10-Apr-2002 at 00:36:33 R P Herrold wrote:
> On Tue, 9 Apr 2002, Rodolfo J. Paiz wrote:
>> >This is sub-optimal, for it will destroy a cleanrpm -V
>> >verification. Better to read and edit: /etc/sysconfig/syslog
>
> Most of this happened back in early RH 7.0.
>
Most. The inclusion of sysl
On Tue, 9 Apr 2002, R P Herrold wrote:
> On Tue, 9 Apr 2002, Rodolfo J. Paiz wrote:
>
> > >This is sub-optimal, for it will destroy a cleanrpm -V
> > >verification. Better to read and edit: /etc/sysconfig/syslog
> > >
> > >Remember to restart the
On Tue, 9 Apr 2002, Rodolfo J. Paiz wrote:
> >This is sub-optimal, for it will destroy a cleanrpm -V
> >verification. Better to read and edit: /etc/sysconfig/syslog
> >
> >Remember to restart the syslogd
>
> Wow... thanks! I did not know this.
It is not ad
At 4/9/2002 07:32 PM -0400, you wrote:
>On Tue, 9 Apr 2002, Rodolfo J. Paiz wrote:
> > Edit /etc/rc.d/init.d/syslogd. Look for "start)"; then find near there the
> > command to start syslogd and add the -r parameter. Also, for next time
> read
> > the man pa
On Tue, 9 Apr 2002, Rodolfo J. Paiz wrote:
> At 4/9/2002 11:37 AM -0400, you wrote:
>
> >How do I incorporate the -r (remote logging) option in the syslog init
> >script?
>
> Edit /etc/rc.d/init.d/syslogd. Look for "start)"; then find near there the
> co
At 4/9/2002 11:37 AM -0400, you wrote:
>How do I incorporate the -r (remote logging) option in the syslog init
>script?
Edit /etc/rc.d/init.d/syslogd. Look for "start)"; then find near there the
command to start syslogd and add the -r parameter. Also, for next time re
Title: syslogd -r
How do I incorporate the -r (remote logging) option in the syslog init script?
__
Devon Harding
System Administrator
Gilat Latin America
954-858-1600
[EMAIL PROTECTED]
This e-mail is intended for the above named addressee(s), and may contain information
Friday, May 04, 2001, 2:04:19 AM, Zoki wrote:
[cut]
...
[cut]
Zoki, please oh please, take off those HTML tags.
--
If Bill Gates had a dime for every time a Windows box crashed...
...,Oh wait, he already does.
___
Your maillog is 270 meg's or 270,000,000? That is large.
What do you see in the file? Is this for a mail server. I
would stop syslogd momentarily and back up that logfile by
renaming it maillog.bak.041101 or something of that sort and
restart syslogd and see if your CPU load is down. Whe
: Wednesday, April 11, 2001 9:24 PM
To: [EMAIL PROTECTED]
Subject: syslogd problem
hi all:
my syslogd procedure consume nearly 90% of cpu,when i run
top command:
PID USER PRI NI SIZE RSS SHARE STAT LIB
11635 root 150 396 396 308 R 0
%CPU %MEM TIME COMMAND
86.9 0.10:27
hi all:
my syslogd procedure consume nearly 90% of cpu,when i run top command:
PID USER PRI NI SIZE RSS SHARE STAT LIB
11635 root 150 396 396 308 R 0
%CPU %MEM TIME COMMAND
86.9 0.10:27 syslogd
this problem leads to my other services on this server providing
While investigating a problem I've been having with logrotate, I noticed
the same (I think) thing in my log files: *thousands* of syslogd
restarts *per minute* at 4am -- logrotate's magical time.
Is it normal to have that many restarts?
---
Brian
"Rodolfo J. Paiz" wrote:
At 4/9/01 08:02 AM -0500, you wrote:
>Woops. I changed my logging level when this started, and is happening
>with the
>log rotate (happens daily on one machine, and weekly on the others, which is
>why it looked like it was spreading).
O so *that's* what's been giving me fits. Great,
At 4/9/01 06:29 AM -0500, you wrote:
> syslogd 1.3-3: restart (remote reception).
>
>With several identical messages all occuring within a second of each other.
I've got similar messages, also with no other signs for alarm, and
unfortunately I have no explanation for it either.
me of my logs:
>
>syslogd 1.3-3: restart (remote reception).
>
> With several identical messages all occuring within a second of each other.
>
> The portion of this message is my remote logging server. I've also got
> entries for syslogd being restarted on several ot
I've got some funny entries in some of my logs:
syslogd 1.3-3: restart (remote reception).
With several identical messages all occuring within a second of each other.
The portion of this message is my remote logging server. I've also got
entries for syslogd being restarted
On Thu, 5 Apr 2001, Vidiot wrote:
> Date: Thu, 5 Apr 2001 01:20:02 -0500 (CDT)
> From: Vidiot <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: RedHat main mail list <[EMAIL PROTECTED]>
> Subject: syslogd errors
>
> I discovered that syslogd wasn't r
I discovered that syslogd wasn't running, so I told it to restart
with the init.d script. It saio that syslogd failed, but klogd was fine.
So I did a stop and start, same results. But, according to ps, syslogd
is up and running, but messages said that it failed.
Entries are not being l
>This'll teach me to read all the man pages before posting.
>
>Thanks!
And for that, you should buy yourself one of these! :)
http://www.thinkgeek.com/stuff/things/3239.html
Mike
___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redh
This'll teach me to read all the man pages before posting.
Thanks!
On Wed, 21 Mar 2001, you wrote:
> On Wed, 21 Mar 2001, Jacob Killian wrote:
>
> > Can anyone point me toward a good explaination of how to set up
> > syslogd to be a remote logging server? In particular,
On Wed, 21 Mar 2001, Jacob Killian wrote:
> Can anyone point me toward a good explaination of how to set up
> syslogd to be a remote logging server? In particular, how do I
> setup the xinetd.d entry?
>
> Thanks!
>
>
You do not have to do anything with xinetd.d, because sys
Can anyone point me toward a good explaination of how to set up syslogd to be a
remote logging server? In particular, how do I setup the xinetd.d entry?
Thanks!
--
Jacob Killian
PGTC System Administrator
<http://www.pgtc.net>
501-846-7245
"Long may we wal
You the man dude... thanks
Roy
At 12:09 PM 3/9/01 -0600, you wrote:
>On Fri, 9 Mar 2001, Roy wrote:
> > >This last line is what is causing you problems. It looks like
> > >pager.rlg.org is not set up to accept syslog messages from your machine.
> > >In orde
On Fri, 9 Mar 2001, Roy wrote:
> >This last line is what is causing you problems. It looks like
> >pager.rlg.org is not set up to accept syslog messages from your machine.
> >In order for this to work, syslogd on pager.rlg.org has to have been
> >started with the -r opt
Hi
My machines not logging anything.. I get this error when in debug
mode:logmsg: syslog.err<43>, flags 4, from pacheco, msg syslogd: network
logging disabled (syslog/udp service unknown).
klogd is running..I don't know if it's working, but it's running :-)
belows my sys
>SNIP
> >
> > *.info @pager.rlg.org
> >
> >
>This last line is what is causing you problems. It looks like
>pager.rlg.org is not set up to accept syslog messages from your machine.
>In order for this to work, syslogd on pager.rlg.org has to have been
On Fri, 9 Mar 2001, Roy wrote:
> Hi
>
> My machines not logging anything.. I get this error when in debug
> mode:logmsg: syslog.err<43>, flags 4, from pacheco, msg syslogd: network
> logging disabled (syslog/udp service unknown).
>
> klogd is running..I don'
I found the error and you were right. I had turned it on a couple of weeks
ago but apparently did not notice the increased disk activity until
yesterday. Thanks. I reduced kdebug from 4 to 1 and I am fine now.
Gary
On Wed, 17 Jan 2001, Stew Benedict wrote:
>
> You didn't happen to turn on kdeb
No, I made no changes.
On Wed, 17 Jan 2001, Stew Benedict wrote:
>
> You didn't happen to turn on kdebug in your ppp dialer or /etc/ppp/optins
> did you?
>
> Stew Benedict
>
> > syslog. The kernel log has lots of entries such as:
> >
> > Jan 15 21:04:19 localhost kernel: ppp: write frame, co
You didn't happen to turn on kdebug in your ppp dialer or /etc/ppp/optins
did you?
Stew Benedict
> syslog. The kernel log has lots of entries such as:
>
> Jan 15 21:04:19 localhost kernel: ppp: write frame, count = 64
> Jan 15 21:04:19 localhost kernel: FF 03 00 21 45 00 00 3C ...!E..<
> Jan 1
ver I was using Netscape to browse to a site, my disk was running
hard. I checked top and found that whenever I used Netscape to browse to
a URL, the syslogd cpu usage was up to 90%. Outside of Netscape, or
whenever the page finished loading, this syslogd usage went down to
nothing.
I restarted sy
lse to say about it.
>
>
Look at /etc/logrotate.d/syslog - it will restart syslogd up to 5 times
when it rotates the log files. Each time you kill syslogd with -HUP, it
will put a restart message in the log. This is done in the postrotate
section for each log file used with syslogd. The
;
> > I just noticed this entry at the very top of this
> > week's /var/log/message:
> >
> > [root@csc003 /root]# cat /var/log/messages
> > Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> > Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> >
ECTED]> wrote:
>> Howdy,
>>
>> I just noticed this entry at the very top of this
>> week's /var/log/message:
>>
>> [root@csc003 /root]# cat /var/log/messages
>> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
>> Oct
:
>>
>> [root@csc003 /root]# cat /var/log/messages
>> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
>> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
-
Ph
d that might be part of why it
starting failing... you may want to check if someone has installed rootkit
on your system and broke syslog as a way of covering their tracks.
Chris
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, October 09, 20
og/messages
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restar
Hi, I have had two situations crop up; I'm running RH 6.2 in a server configuration,
with Samba, Apache, sendmail/pop3/imap4, and IP Masqing:
For some reason, syslogd will not come up; during interactive startup, it shows
[FAILED] instead of [OK}. A review of the logs doesn'
[root@csc003 /root]# cat /var/log/messages
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
> Oct 8 04:
On Mon, 09 Oct 2000 10:37:19 -0500, [EMAIL PROTECTED] (Jonathan Wilson) wrote:
>
> Howdy,
>
> I just noticed this entry at the very top of this week's /var/log/message:
>
> [root@csc003 /root]# cat /var/log/messages
> Oct 8 04:02:00 csc003 syslogd 1.3-3:
Howdy,
I just noticed this entry at the very top of this week's /var/log/message:
[root@csc003 /root]# cat /var/log/messages
Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
Oct 8 04:02:00 csc003 syslogd 1.3-3: restart.
Oct 8 04:02:00 csc003 syslogd
ond Monge
RM> ERP Network Management
RM> INTRIA - Hewlett Packard
RM> Toronto
RM> (416) 892-6263
RM> Remy Faures wrote:
>> Hi,
>>
>> I would like my Cisco network devices (routers and switches) to export their
>> event notification to my linux server.
>&g
Make sure you start your syslogd with the -r option to enable remote logging.
Darryl
At 02:49 PM 19/06/2000, you wrote:
>Put a command line in your Cisco router and switches
>
>syslog server "Your server IP address"
>
>and your syslog daemond will start to get event
ote:
> Hi,
>
> I would like my Cisco network devices (routers and switches) to export their
> event notification to my linux server.
>
> What should I set up on the linux box to enable that. Syslogd is already
> running, but I don't know how to modify the syslog.conf file,
Hi,
I would like my Cisco network devices (routers and switches) to export their
event notification to my linux server.
What should I set up on the linux box to enable that. Syslogd is already
running, but I don't know how to modify the syslog.conf file, if needed.
Thanks for your help,
On Thu, Mar 02, 2000 at 03:31:42AM -0400, Agustin Navarro wrote:
[...]
> 3.start xconsole
> You start xconsole by entering in an xterm
>
> xconsole -daemon
[...]
For completeness' sake: Instead of xconsole, you can also use other
terminal windows, e.g.
rxvt -C or xterm -C
They (and probabl
On Tue, 29 Feb 2000, Steve Feehan wrote:
>I am going through the SANS Securing Linux handbook and have setup syslogd
>to send messages to /dev/tty8. However I am running X and would like to
>capture these messages in an xterm. Is there a way to start an xterm and
>have it display
I am going through the SANS Securing Linux handbook and have setup syslogd
to send messages to /dev/tty8. However I am running X and would like to
capture these messages in an xterm. Is there a way to start an xterm and
have it display the messages that are sent to /dev/tty8?
Sorry that this is
On Fri, 4 Feb 2000, Ounsted, Toby wrote:
> I'm pretty sure it's the logrotate - the presumption being
> that named is trying to write to the file, the file gets rotated, named
> commits suicide. The obvious one is to have named log to a file other than
> 'messages' and ot rotate th
On Thu, 3 Feb 2000, Ounsted, Toby wrote:
> My named is dying! Here's what I'm seeing: named chugging
gracefully along
> doing its stuff every hour and responding to queries. The
only thing going
> on in between
On Thu, 3 Feb 2000, Ounsted, Toby wrote:
> My named is dying! Here's what I'm seeing: named chugging gracefully along
> doing its stuff every hour and responding to queries. The only thing going
> on in between is SYSLOGD RESTART - after which named takes no further
> inte
My named is dying! Here's what I'm seeing: named chugging gracefully along
doing its stuff every hour and responding to queries. The only thing going
on in between is SYSLOGD RESTART - after which named takes no further
interest in doing anything until I reset named (KILL -HUP) at 9:4
Can anyone tell me what this mean? It got broadcast to all the consoles
on my 6.1 server. I think I might have had pcket logging turned on at the
time (had been running mason)
Message from syslogd@pooh at Tue Nov 30 08:18:35 1999 ...
pooh kernel: T=109 (#1)
thanks
--
To unsubscribe
72 matches
Mail list logo