Highest Voted 'journald' Questions - Server Fault Stack Exchange

1

vote

1 answer

Is there a way to configure journald.conf through cloud config on CoreOS?

Try to find a way to automatically set SystemMaxUse for systemd-journald.service. I knew I can set it in /etc/systemd/journald.conf manually. But it will restore to default after CoreOS updates in my experience. Also, configuring drop-ins in…

asked Jun 10 '16 at 16:49

zeck

121
2

1

vote

1 answer

Sending docker logs to logstash

I have a number of CoreOS servers on Amazon AWS and would like to collect events or logs from them and forward them onto my ELK stack provider logz.io. Being a little new to the ELK stack, I'm a little lost on how to best get the data out. It was…

elasticsearch logstash coreos journald

asked Apr 13 '16 at 21:45

hookenz

14,132
22
86
142

1

vote

2 answers

Referencing journald fields when forwarding messages to syslog-ng

How can I change my syslog-ng template so that when the log originates from a systemd service / unit, the log message will include the unit's name? Using ${PROGRAM} just shows the name of the executable that the systemd service called / that the…

syslog systemd syslog-ng journald

asked Feb 20 '16 at 20:59

BSchlinker

340
2
3
12

1

vote

0 answers

Journald: give users access to specific unit's logs

I'm taking care of a server (Debian Jessie) that several developers use for deploying and managing their work. Now there is a script on this server (managed by one of the developers) that does some regular maintenance stuff and therefore should run…

syslog systemd journald

asked Dec 05 '15 at 15:09

sina

111
1

1

vote

0 answers

unable to query the systemd journal with journalctl

I'm using Red Hat Enterprise Application Platform 6.4.2.GA on following system: # cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.1 (Maipo) # uname -a Linux X 3.10.0-229.7.2.el7.x86_64 #1 SMP Fri May 15 21:38:46 EDT 2015 x86_64…

redhat rhel7 journalctl journald

asked Aug 05 '15 at 16:35

alexus

12,342
27
115
173

1

vote

1 answer

Systemd service logs twice when it stops & starts. Anyway to disable?

I have a systemd (v249) service (my-script.service) which is run every minute by another systemd timer (my-script.timer). Everything's working fine. But systemd logs (to it's journald & thence to /var/log/syslog) the following 2 lines saying that it…

systemd journald

asked Aug 11 '22 at 09:52

Amandasaurus

30,211
62
184
246

1

vote

1 answer

How to send a systemd ssh error so that it's picked by fail2ban

I have a setup which uses ansible and vagrant to test a custom role which installs and configures fail2ban. I have written myself a simple test playbook which uses the fail2ban role and applies the necessary configuration as expected. My intention,…

systemd fail2ban journald

asked Aug 05 '22 at 22:23

tftd

1,480
7
24
38

1

vote

3 answers

systemd StandardOutput to a file _and_ to the journal?

I am regularly doing a long running (~5 day) data processing programme. I'm using Ubuntu and running the command with a systemd transient task via systemd-run --unit data_import /path/to/my-script.sh. It's working well. I can look at the logging…

logging systemd journald

asked Jun 15 '22 at 07:46

Amandasaurus

30,211
62
184
246

1

vote

0 answers

stop kernel audit messages logged in syslog without disabling auditing

OS: CentOS 7 I am trying to figure out how audit (kaudit) events are logged in /var/log/messages. I have enabled audit=1 in grub which means when the server boots, kernel auditing is enabled. This is the desired state for the particular system and…

systemd rsyslog audit auditd journald

asked Nov 25 '21 at 12:05

giomanda

1,644
4
20
30

1

vote

1 answer

How I can send all logs from journald to GCP Logging?

Don't know what to add more to question, just want to send all logs. My applications write logs to journald, there is no files on disk. UPD. Just to clarify, there are files where journald store logs, my application do not create any logs files.

logging google-cloud-platform cloud journald google-stackdriver

asked Sep 25 '21 at 12:42

Raf

163
7

1

vote

0 answers

Delete old SSH session recordings

Recently I've been testing SSH Session recording in Fedora + Cockpit as a method of auditing. This has been working pretty well, but it records too much information, and more importantly, picked up a zfs send transfer, which filled the journald…

ssh logging systemd journald

asked Mar 14 '21 at 09:15

Alex

369
5
22

1

vote

0 answers

Connecting to systemd service's standard output/error

I have a simple systemd service that runs for some time and then exits. It usually gets triggered by a systemd timer but sometimes I want to run it manually (well, from a script). The problem is - I need that script to output to terminal whatever my…

systemd journald

asked Nov 30 '20 at 18:27

Discussian

11
1

1

vote

2 answers

Best way to archive journald logs in a space-efficient way?

It has been established that journald logs are huge. On this specific system, the logs grow about 3GB per week. For audit purposes I would like to preserve system logs for a longer time than what can I comfortably store on that system; this would…

disk-space-utilization archive journald

asked Oct 03 '20 at 20:55

liori

737
3
14

1

vote

0 answers

Journal out of order

Trying to figure out what caused one of our servers (Ubuntu 18.04) to become unresponsive, I was looking through the journal ( journalctl -r) and saw strangely out of order timestamps Apr 17 09:20:19 myserver kernel: microcode: microcode updated…

linux ubuntu journald

asked Apr 17 '20 at 15:56

SmoteKerrek

11
1

1

vote

0 answers

Disable "Failed password" ssh logs

Bots are tirelessly trying to log into my server using ssh. That does not bother me, because my passwords are good, but I don't like the fact that ssh spam fills journald logs. I'd like to filter out this noise. Please note that I don't want to…

centos ssh logging journald centos8

asked Apr 13 '20 at 15:26

vbezhenar

261
1
3
10

Questions tagged [journald]