Questions tagged [syslog]

syslog is a standard for logging messages about the operation of a system.

syslog is a standard that defines the format of messages about a system's operation. They are further categorized by facility (user,mail,kern), etc and a severity (critical, emergency, informational, etc). These messages are usually then processed by a network monitoring system to take appropriate action. For example, on an emergency message, staff could be paged to resolve the issue, whereas long term analysis could be done on informational messages to properly maintain sytems.

641 questions
75
votes
16 answers

Alternatives to Splunk?

I'm pretty impressed with Splunk, especially version 4. Pretty graphs, alerting (Enterprise only), and fast, accurate, searching. It's a great product. However, the cost just way too high to consider for full production use for our company. All we…
MichaelGG
  • 1,739
  • 8
  • 25
  • 30
67
votes
4 answers

What is the difference between syslog, rsyslog and syslog-ng?

I am a bit confused in syslog, rsyslog and syslog-ng. From where can I get the source code for syslog()? Is there any difference between rsyslog and rsyslogd?
StackUser
  • 803
  • 1
  • 7
  • 7
61
votes
3 answers

Better logging for cronjobs? Send cron output to syslog?

I am looking for a better way to log cronjobs. Most cronjobs tend to spam email or the console, get ignored, or create yet another logfile. In this case, I have a Nagios NSCA script which sends data to a central Nagios sever. This send_nsca script…
Stefan Lasiewski
  • 22,949
  • 38
  • 129
  • 184
52
votes
7 answers

How to add message that will be read with dmesg?

I am trying to write some custom messages in my dmesg output. I tried: logger "Hello" but this does not work. It exits without error, but no "Hello" appears int the output of: dmesg I am using a Fedora 9, and it seems that there is no…
calandoa
  • 1,255
  • 2
  • 12
  • 14
49
votes
2 answers

Splunk is fantastically expensive: What are the alternatives?

Possible Duplicate: Alternatives to Splunk? This has been discussed, but it has been several months, so it may be time to revisit it: Earlier discussion RE Splunk alternatives For the record, Splunk rocks. But the pricing is simply beyond what we…
42
votes
6 answers

How can I prevent cron from filling up my syslog?

I have a script which needs to be executed each minute. The problem is that cron is logging to /var/log/syslog each time it executes. I end up seeing something like this repeated over and over in /var/log/syslog: Jun 25 00:56:01 myhostname…
user7321
  • 976
  • 1
  • 8
  • 13
40
votes
7 answers

Switch on PAM debugging to Syslog

How do I switch on PAM debugging in Debian Squeeze at the admin level? I have checked every resource I was able to find. Google, manpages, whatever. The only thing I haven't tried yet (I simply not dare to, did I mention that I hate PAM?) is…
Tino
  • 1,103
  • 1
  • 12
  • 16
32
votes
6 answers

Linux: logwatch(8) is too noisy. How can I control the noise level?

Our Linux systems run logwatch(8) utility by default. On a RedHat/CentOS/SL system, Logwatch is called by the /etc/cron.daily/ cronjob, which then sends a daily email with the results. These emails have a subject like: Subject: Logwatch for…
Stefan Lasiewski
  • 22,949
  • 38
  • 129
  • 184
26
votes
2 answers

Server crash with ascii NUL characters in syslog ( ^@^@^@... )

I have some dedicated server hosted by a OVH (French service provider). OS : Ubuntu 12.04 x64 A few months ago, one of my server crashed. The only weird thing was some "ASCII NUL" caracters in the syslog…
KilianD
  • 261
  • 3
  • 4
26
votes
2 answers

Weird syslog order

Have you ever seen wrong order in /var/log/syslog ? I think that it causes only crontab. Jun 28 22:20:01 alex CRON[2327]: (root) CMD (something > /dev/null) Jun 28 22:21:01 alex CRON[2700]: (root) CMD (something > /dev/null) Jun 21 03:49:01 alex…
Tomasz
  • 371
  • 3
  • 7
21
votes
7 answers

How would you send syslog *securely* over the public Internet?

So I've got a few servers which I'd like to log centrally but obviously I don't want to pass the data insecurely over the internet. I've tried syslog-ng but can't make it work in a secure way, a normal ssh -L PORT:localhost:PORT user@host SSH tunnel…
JamesHannah
  • 1,731
  • 2
  • 11
  • 22
19
votes
4 answers

Which program defaults uses syslog local[0-7] facilities?

As well as the common system facilities (mail, news, daemon, cron, etc), syslog provides a series of "local" facilities, numbers 0 to 7: LOCAL0, LOCAL1, ..., LOCAL7. Which ones are program defaults for common applications? I'm looking to find out…
Jonathan Clarke
  • 1,657
  • 2
  • 11
  • 25
18
votes
4 answers

HAProxy logging to syslog

I installed HAProxy 1.5 via apt-get on ubuntu 14.04 via ppa:vbernat/haproxy-1.5 as per this Debian repository selection tool. The problem is it logging to /var/log/syslog instead of /var/log/haproxy.log The setup is basically the…
Petah
  • 650
  • 2
  • 13
  • 24
16
votes
2 answers

No more logging after upgrade to Debian Wheezy

Syslog, auth.log, kern.log and messages log files are not updated anymore after upgrading to Debian Wheezy (Debian Squeeze was previously running). How could I fix it?
Thierry M.S.
  • 523
  • 1
  • 4
  • 12
15
votes
3 answers

Deciphering continuing mpt2sas syslog messages

Summary I have been getting these cryptic messages in syslog since I installed some new hardware and I can't figure out what the problem is, if it's serious, or what to do about it. They're from the new SATA HBA and they follow a pattern. I will get…
Chris Smith
  • 580
  • 1
  • 4
  • 13
1
2 3
42 43