syslog

How can I change localhost.localdomain in the messages written by Log4j to the Linux syslog

别等时光非礼了梦想. 提交于 2019-12-21 02:55:24
问题 I'm writing messages to the Linux syslog using Log4j and its SyslogAppender. The outputted messages look like this: Oct 12 09:06:03 localhost.localdomain 3364 [Thread-5] INFO TEST MESSAGE MyApplicationLogger - This is my message I would like to replace localhost.localdomain with the name of the server running the application but can't seem to figure out how. Here's my configuration file, in case it's useful: log4j.logger.MyApplicationLogger=INFO, SyslogAppender log4j.appender.SyslogAppender

linux日志守护进程 syslog

拈花ヽ惹草 提交于 2019-12-19 08:22:45
几乎所有的网络设备都可以通过syslog协议,将日志信息以UDP的形式传送给远端服务器,远端接收日志服务器必须通过syslogd监听UDP端口514,并根据 syslog.conf 配置文件张的配置处理。配置文件 /etc/rsyslog.conf 中规定了syslogd如何根据设备和信息的重要级别来报告信息。 CentOS6.5之前,配置文件为/etc/syslog.conf,从CentOS6.5之后,配置文件名变更为/etc/rsyslog.conf 。 syslog支持日志分类输出到特定文件中,但是有几个限制: 1、syslog日志输出支持分类,但不支持每个进程单独输出到某个文件(因为syslog并不是作为一套完整的日志库而产生的); 2、syslog输出的日志文件位置并不是任意的,默认仅仅限于【/var/log/】目录下,如果指定到其他位置,视为无效; 配置文件的格式: 【服务.优先级 <tab> action字段】。 其中,【服务.优先级】一起统称为选择条件。条件选择是对服务进行了分类,便于syslog对日志的输出管理。同时一行的配置中,允许出现多个选择条件,多个选择条件使用 ; 隔开。 服务(facility),用来指定syslog的功能,主要包括: 1 kern 内核信息,首先通过 klogd 传递; 2 user 用户进程; 3 mail 邮件; 4 daemon

Is there any way to 'expect' output to error_log in PHPUnit tests?

♀尐吖头ヾ 提交于 2019-12-19 06:19:31
问题 Is there any way to run a test on output created from a call to 'error_log("Message")' when doing unit tests with phpunit? Example code, one of my functions tests a credit card with a luhn algorithm: if($checkLuhn && ($this->_luhn_check($cardNumber) == false)) { error_log(__METHOD__ . " cardNumber failed luhn algorithm check."); return false; } $checkLuhn is a boolean passed in to tell it whether to do the check, the _luhn_check() returns true if the $cardNumber passes. Problem is, I have

安装使用ELK6.0

房东的猫 提交于 2019-12-17 08:42:59
文章目录 安装使用ELK6.0 1. Elasticsearch安装准备工作 配置三台机器的hosts文件内容如下: 三台主机安装es 配置es 配置完成后,回到到主节点上,启动es服务。9300端口是集群通信用的,9200则是数据传输时用的: curl查看es集群情况 启动报错: 2. 搭建kibana和logstash服务器 master上安装kibana 安装完成后,对kibana进行配置: 然后在浏览器里进行访问测试 在数据节点上安装logstash,并测试收集系统日志(实践Rsyslog) kibana上查看日志 获取指定索引详细信息: 如果日后需要删除索引的话,使用以下命令可以删除指定索引: es与logstash能够正常通信后就可以去配置kibana了,浏览器访问192.168.1.17:5601,到kibana页面上配置索引: logstash收集nginx日志实战 和收集syslog一样,首先需要编辑配置文件,这一步在logstash服务器上完成 检测配置文件是否有错 进入nginx虚拟主机配置文件所在的目录中,新建一个虚拟主机配置文件: 重启logstash服务,生成nginx日志的索引: 那么这时就可以到kibana上配置该索引 使用beats采集日志 安装完成之后编辑配置文件: 测试可以正常收集日志数据,再次修改配置文件,将filebeat作为一个服务启动:

why syslog sink sends same records on all the sinks when a sink is member of class?

為{幸葍}努か 提交于 2019-12-13 03:32:22
问题 I have written following code to send logs to remote syslog( rsyslog on remote unix machine ) from my windows machine using boost-log . I am using syslog_backend . #include <boost/config.hpp> #if !defined(BOOST_WINDOWS) #define BOOST_LOG_USE_NATIVE_SYSLOG #endif #include <string> #include <iostream> #include <boost/smart_ptr/shared_ptr.hpp> #include <boost/log/common.hpp> #include <boost/log/expressions.hpp> #include <boost/log/attributes.hpp> #include <boost/log/sinks/sync_frontend.hpp>

How to configure syslog so that an applications log goes to a specific file

只愿长相守 提交于 2019-12-12 08:23:32
问题 I have an application myapp which should send log files only to /var/log/myapp.log . myapp is written in C++. The following sample code, sends the logs to /var/log/syslog only. My os is Linux - Ubuntu 12.04 - to be specific. I also found that my machine has rsyslog than syslog installed. #include <stdio.h> #include <unistd.h> #include <syslog.h> int main(void) { openlog("myapp", LOG_PID|LOG_CONS, LOG_USER); syslog(LOG_INFO, "abc 10"); closelog(); return 0; } 回答1: According to the syslog(3)

Reading Apple Watch syslog (NSLog()) in real-time

我怕爱的太早我们不能终老 提交于 2019-12-12 06:05:36
问题 I'm looking for a way to read the watch's syslog in real-time, similar to the way Device Console or this do it for the iPhone. It's ok if the phone will be plugged by usb to the computer at the time I'm reading. At this point I'll even settle for a solution that somehow reads the texts at real-time from Xcode debug console, really (though I will prefer a way to hook in to the watch's syslog in a standard fashion :).. Thanks! 回答1: While I couldn't find any official way to get logs from the

Reporting information using syslog

送分小仙女□ 提交于 2019-12-12 05:57:14
问题 I am trying to write a function which will take a priority level and a variable amount of strings as arguments to log information in an application. The function looks something like this so far: int _logf(int priority, char *fmt, ...) { if (log.priority >= priority) { syslog(priority, "LOG:%s", fmt); } /* stderr and syslog */ } log.priority is an int set at run time which could be LOG_INFO / LOG_DEBUG / LOG_ERR and in use: _logf(LOG_INFO, "Starting app version %s", "1.0"); Is this an

Correlation using patterndb and syslog

蓝咒 提交于 2019-12-12 05:06:43
问题 I am trying to make a correlation using patterndb, my requirement is when an exception or a message gets added into a context more than 4 times in 60 secondes a message gets generated.Here is my patterndb xml and syslog configuration file. example.xml <patterndb version='4' pub_date='2010-10-17'> <ruleset name='ssh' id='123456678'> <pattern>ssh</pattern> <rules> <rule provider='me' id='182437592347598' context-id='ssh-login-logout' context-timeout='60' context-scope='process'> <patterns>

使用AUDIT_SYSLOG_LEVEL进行Sys用户行为监控

只谈情不闲聊 提交于 2019-12-12 04:38:36
对生产环境运行的系统而言,用户行为审计是一个非常重要的部分。当发生安全事故、非法侵入的时候,稳妥、全面的审计信息是我们发现安全漏洞和修复故障的重要依据。所以,所有的完善数据库产品中,都有专门的审计功能模块。 Oracle从大规模商用化到今天,一直在不断的推进审计功能模块,以适应灵活多变的用户需求。目前的Oracle审计功能,主要分为Traditional Audit和Fine Grained Audit(FGA)两种技术主线。这两条主线主要提供的是对于用户行为和数据两个主要层面的审计内容。 1 、Sys 用户审计 Sys用户是Oracle系统中很特殊的一个用户,类似于Linux/Unix中的root,具有绝对的超级权限。除了允许访问、操作大多数数据之外,Sys用户是具有对Oracle内部元数据基础表进行删除的权限。 鉴于Sys用户的巨大权限和潜在危险性,我们通常在使用数据库的时候,都不会直接使用sys用户,而是创建普通用户帐号进行管理。 从安全的层面上,Oracle也对于Sys的基本操作行为,如登陆、退出动作,都提供了默认审计策略。 但是,这个过程中,是存在一个问题的。默认情况下,Sys的审计信息是记录在dba_audit_trail视图中进行查询,也就是记录在基表aud$下面。而Sys恰恰是拥有该表数据删除权限的用户。这样,Sys用户是可以删除掉关于自己“不利”的信息的。
订阅 syslog