syslog

unable to filter badly-formatted messages in syslog-ng

℡╲_俬逩灬. submitted on 2019-12-12 00:56:12
Question: I am contacting you regarding an issue I have with syslog-NG. Some of our devices (mainly HP switches and SANs) are sending syslog messages that do not respect the syslog RFC 5424, it seems. To give you a few examples: if I sniff the network interface of the server, we can see these "wrong" messages like that (as you can see, after the PRI, we can see the PROGRAM, then timezone and fields separated with commas. In short, mixed fields, missing fields etc. Not a standard syslog message): <190

Modifying HAProxy Lua Library Path

Deadly submitted on 2019-12-11 17:51:23
Question: I am trying to load a Lua script from HAProxy. In the Lua script, the following line is causing an error: local http = require("socket.http") Initially I gathered from journalctl -xe output that the library was not installed. I installed it using luarocks install luasocket. This did not solve the issue. The new error is module "socket.http" not found. Following the comment in this post I realized that I must change the settings for Lua library path in order to resolve this issue. Now, I want

Python - retrieving info from a syslog file

拥有回忆 submitted on 2019-12-11 12:49:18
Question: I have been asked to write a program using Python for an assignment. I have been given a syslog file and I have to find things out about it. How do I find out how many attempts were made to log in to the root account? Any advice would be highly appreciated as I am very new to Python and completely lost!
Answer 1: something like this #open the file , can be /var/log/messages, /var/log/maillog etc as defined in your system f=open("mysyslogfile") count=0 #go through the file for line in f: if "<unique

docker compose logging is not working with syslog option

浪尽此生 submitted on 2019-12-11 10:57:25
Question: I have a docker-compose configuration like this: version: '3' services: worker: image: // image logging: driver: syslog options: syslog-address: "udp://XXX.papertrailapp.com:XXXX" tag: "{{.Name}}/{{.ID}}" When I deploy this to DigitalOcean & Ubuntu I can successfully run the docker-compose up command like so: docker-compose -f docker-compose.yml up When that command runs I can see this output: worker_2_844fc7675414 | WARNING: no logs are available with the 'syslog' log driver worker_1

Send log4j2 stack traces over syslog

余生长醉 submitted on 2019-12-11 05:25:38
Question: I am trying to log stack traces into Logstash. The logging stack is ELK (ElasticSearch, Logstash, Kibana). The application producing logs is a Java application, using slf4j as a logging interface, and log4j2 as the logging implementation. The log4j2.xml declares this syslog Appender, with the RFC5424 format: <Appenders> <Syslog name="RFC5424" format="RFC5424" host="localhost" port="8514" protocol="TCP" appName="MyApp" includeMDC="true" mdcId="mdc" facility="LOCAL0" enterpriseNumber="18060"

Distinguish between user logout and session expired logout (SSH and web console)

馋奶兔 submitted on 2019-12-11 05:25:20
Question: We are searching for a solution to log an event (for example into the syslog) when a user logs out of the system. This could be logging out from a shell (bash) or logging out using ssh. We want to distinguish between explicit user logouts via "exit" and user sessions which just expire (timeout). Is that possible? How-to? Which directions to look for a solution? The system is RHEL7/CentOS7 and runs using VMWare (web console logout should also be logged).
Answer 1: You might need too different

Removing busybox completely from a Yocto generated image

扶醉桌前 submitted on 2019-12-11 05:07:34
Question: I'm trying to build a Yocto image without busybox and without any busybox applet deployed. I have tried that by configuring my distro.conf file in this way: DISTRO_FEATURES_remove = " busybox" VIRTUAL-RUNTIME_base-utils = "" PREFERRED_PROVIDER_virtual/base-utils = "" Nonetheless, the busybox binary and two related applets (syslog and udhcpc) are installed in the generated image: $ rpm -qa | grep busybox busybox-syslog-1.24.1-r0.corei7_64 busybox-1.24.1-r0.corei7_64 busybox-udhcpc-1.24.1-r0.corei7_64

Log4j2 SyslogAppender not working

醉酒当歌 submitted on 2019-12-10 15:14:06
Question: I'm using Log4j version 2.1 (the latest stable version) and trying to use a Syslog appender to log to a syslog server. I'm using the configuration given at their official site (http://logging.apache.org/log4j/2.x/manual/appenders.html#SyslogAppender): <Syslog name="RFC5424" format="RFC5424" host="localhost" port="514" protocol="UDP" appName="MyApp" includeMDC="true" facility="LOCAL0" enterpriseNumber="18060" newLine="true" messageId="Audit" id="App"/> When I start my app and do a LogManager

Ubuntu docker container with upstart and syslog

孤街浪徒 submitted on 2019-12-10 13:38:01
Question: After searching around, I'm still confused whether you can have a docker container running Ubuntu with a working init system (upstart) and syslog, or not. I know docker containers are meant for running a single process and not a full OS, but my use case is testing a daemon on various Linux distros, making sure the daemon starts, stops and restarts successfully on crashes, etc., with logging to syslog. So I'm trying to decide if I can use a docker container for this or maybe I would be better

how to get php errors to show on syslog

孤者浪人 submitted on 2019-12-10 02:42:05
Question: I have a script which is scheduled to run on crontab. I noticed that I could not see PHP errors anywhere. I wanted to be able to see PHP errors logged on /var/log/syslog or some place else. I have tried configuring my php.ini to log the errors on /var/log/php-errors.log, checked permissions and restarted the Apache service; still no logs.
Answer 1: There are two issues to consider: First, PHP CLI uses a different php.ini than the version of PHP that runs via Apache. Make sure you are editing the