On Sat, Dec 21, 2013 at 9:46 PM, Cliff Pratt enkiduonthe...@gmail.com wrote:
John's suggestion is still pertinent. You'll need a SIGHUP handler in your
script. Logrotate could send the SIGHUP in a postrotate 'script'.
Thanks!
On Sun, Dec 22, 2013 at 3:15 PM, Larry Martell
I'm looking for advice or suggestions for rolling log files with a
daemon. I have a python script that I daemonized with
http://www.jejik.com/articles/2007/02/a_simple_unix_linux_daemon_in_python/.
Before I daemonized it it was run from a bash script that invoked the
underlying python script. It
On 12/21/2013 4:56 PM, Larry Martell wrote:
I'm looking for advice or suggestions for rolling log files with a
daemon. I have a python script that I daemonized with
http://www.jejik.com/articles/2007/02/a_simple_unix_linux_daemon_in_python/.
Before I daemonized it it was run from a bash script
On Sat, Dec 21, 2013 at 8:52 PM, John R Pierce pie...@hogranch.com wrote:
On 12/21/2013 4:56 PM, Larry Martell wrote:
I'm looking for advice or suggestions for rolling log files with a
daemon. I have a python script that I daemonized with
On 12/21/2013 6:15 PM, Larry Martell wrote:
This is not using syslog. If you look at the daemonizing script I gave
the link to, you pass in the log files for stdout and stderr, and it
does some double fork magic and then associates the given files with
them
i rarely read links on emails, and
John's suggestion is still pertinent. You'll need a SIGHUP handler in your
script. Logrotate could send the SIGHUP in a postrotate 'script'.
Cheers,
Cliff
On Sun, Dec 22, 2013 at 3:15 PM, Larry Martell larry.mart...@gmail.com wrote:
On Sat, Dec 21, 2013 at 8:52 PM, John R Pierce
I have a requirement to allow our security officer to regularly view and
analyze the logging and auditing results of one of the machines in our
lab. He comes from the Microsoft Windows world and is not a *nix
trained person.
I know I can configure logwatch. I can also create a script containing
Please check which one suits you more; both are web-based: Octopussy or
LogAnalyzer
http://loganalyzer.adiscon.com/
http://sourceforge.net/projects/syslog-analyzer/
On Tue, Aug 28, 2012 at 3:21 PM, David McGuffey
davidmcguf...@verizon.net wrote:
I have a requirement to allow our security officer
From: David McGuffey davidmcguf...@verizon.net
To: centos@centos.org
Sent: Tuesday, August 28, 2012 2:51 AM
Subject: [CentOS] Log viewing and analysis tools
I have a requirement to allow our security officer to regularly view and
analyze the logging and auditing results of one
: Tuesday, August 28, 2012 2:51 AM
Subject: [CentOS] Log viewing and analysis tools
I have a requirement to allow our security officer to regularly view and
analyze the logging and auditing results of one of the machines in our
lab. He comes from the Microsoft Windows world and is not a *nix
Hi all,
Currently I do 'tail -f /var/log/messages | grep something' to
monitor/tune in my iptables rules.
Based on your experience, is there any tools do that better like:
- color
- grepping multiple keywords
- some statistic
Thank you
Fajar.
On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
Hi all,
Currently I do 'tail -f /var/log/messages | grep something' to
monitor/tune in my iptables rules.
Based on your experience, is there any tools do that better like:
- color
- grepping multiple keywords
- some statistic
I don't know about
Bowie Bailey wrote:
On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
Hi all,
Currently I do 'tail -f /var/log/messages | grep something' to
monitor/tune in my iptables rules.
Based on your experience, is there any tools do that better like:
- color
- grepping multiple keywords
- some statistic
centos-boun...@centos.org wrote:
Bowie Bailey wrote:
On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
Hi all,
Currently I do 'tail -f /var/log/messages | grep something' to
monitor/tune in my iptables rules.
Based on your experience, is there any tools do that better like:
- color
- grepping
: Re: [CentOS] Log monitoring
centos-boun...@centos.org wrote:
Bowie Bailey wrote:
On 7/6/2011 5:37 AM, Fajar Priyanto wrote:
Hi all,
Currently I do 'tail -f /var/log/messages | grep something' to
monitor/tune in my iptables rules.
Based on your experience, is there any tools do that better
Same here,
I just recently started using/testing rsyslogd (to mysql [native mysql support
is great])+LogAnalyzer web front end for a central log host. So far it's been
working quite well. Worth checking out
Aly
Sent from my BlackBerry device on the Rogers Wireless Network
Hi folks,
In the company where i work, we are implementing a security standard. A part
of this is a log monitoring and reporting software. There are a few
requirements, that the software must fulfil:
- It must be capable of collecting logs from different devices (Linux
machines, network equipment,
On 03/03/11 1:12 AM, Janez Kosmrlj wrote:
Hi folks,
In the company where i work, we are implementing a security standard.
A part of this is a log monitoring and reporting software. There are a
few requirements, that the software must fulfil:
- It must be capable of collecting logs from
On 3/3/11 3:12 AM, Janez Kosmrlj wrote:
Hi folks,
In the company where i work, we are implementing a security standard. A part
of
this is a log monitoring and reporting software. There are a few requirements,
that the software must fulfil:
- It must be capable of collecting logs from
On Thu, Mar 3, 2011 at 2:46 PM, Les Mikesell lesmikes...@gmail.com wrote:
On 3/3/11 3:12 AM, Janez Kosmrlj wrote:
Hi folks,
In the company where i work, we are implementing a security standard. A
part of
this is a log monitoring and reporting software. There are a few
requirements,
Subject: Re: [CentOS] log monitoring and reporting software
On Thu, Mar 3, 2011 at 2:46 PM, Les Mikesell lesmikes...@gmail.com wrote:
On 3/3/11 3:12 AM, Janez Kosmrlj wrote:
Hi folks,
In the company where i work, we are implementing a security standard. A part
of
this is a log monitoring
It has to collect logs from syslog (or similar service ), because one
requirement for certification is log history from all devices in one place.
And since we are talking about 1500 devices it should be easy to configure and
maintain.
--
You might want to think about:
Geoff Galitz wrote:
You might want to think about:
syslog-ng/rsyslog remote logging + syslog-ng/rsyslog master log receiver +
splunk
CentOS6 (will) use rsyslog by default and rsyslog is available with
CentOS5, so you might want to use rsyslog rather than syslog-ng for
CentOS hosts.
On 3/3/2011 8:00 AM, Janez Kosmrlj wrote:
OpenNMS is a good snmp monitoring framework with
notification/reporting. It
doesn't 'collect' logs but you can configure it to receive syslog
from other
machines and there are a variety of other ways you can pick up data.
It doesn't deal with logs as files, but if syslog messages are sent or
forwarded to it, it can generate events and notifications from the
central configuration.
http://www.opennms.org/wiki/Syslogd
--
Les Mikesell
lesmikes...@gmail.com
That's probably not what the OP wanted.
On 3/3/2011 10:22 AM, rai...@ultra-secure.de wrote:
It doesn't deal with logs as files, but if syslog messages are sent or
forwarded to it, it can generate events and notifications from the
central configuration.
http://www.opennms.org/wiki/Syslogd
That's probably not what the OP wanted.
2011/3/3 Janez Kosmrlj postnali...@googlemail.com:
Hi folks,
In the company where i work, we are implementing a security standard. A part
of this is a log monitoring and reporting software. There are a few
requirements, that the software must fulfil:
- It must be capable of collecting logs
I have deployed LogAnalyzer, and it has been working great in our environment.
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of
Les Mikesell
Sent: Thursday, March 03, 2011 12:08 PM
To: centos@centos.org
Subject: Re: [CentOS] log
Albert McCann wrote:
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Rob Kampen
Sent: Sunday, February 27, 2011 3:34 PM
To: CentOS mailing list
Subject: [CentOS] log time formats - where is this defined
One of my servers is using ISO
Spiro Harvey wrote:
On Sun, 27 Feb 2011 15:33:57 -0500
Rob Kampen rkam...@kampensonline.com wrote:
One of my servers is using ISO datetime formats
(2011-02-27T15:22:15.519857-05:00) in the logs
the rest use the default redhat/CentOS format (Feb 27 15:10:21).
After a couple of hours
One of my servers is using ISO datetime formats
(2011-02-27T15:22:15.519857-05:00) in the logs
the rest use the default redhat/CentOS format (Feb 27 15:10:21).
After a couple of hours searching google I cannot find where this is
defined.
I know I changed it some months ago as an experiment but
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Rob Kampen
Sent: Sunday, February 27, 2011 3:34 PM
To: CentOS mailing list
Subject: [CentOS] log time formats - where is this defined
One of my servers is using ISO datetime formats
On Sun, 27 Feb 2011 15:33:57 -0500
Rob Kampen rkam...@kampensonline.com wrote:
One of my servers is using ISO datetime formats
(2011-02-27T15:22:15.519857-05:00) in the logs
the rest use the default redhat/CentOS format (Feb 27 15:10:21).
After a couple of hours searching google I cannot
My log seems not to be accepted by the list
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Maybe the list doesn't accept attachments if that's what you have been sending.
Please try using something like pastebin.com and include the URL in your email.
On 7/10/10, mj m...@mjw.se wrote:
My log seems not to be accepted by the list
Hello,
I've got a Centos 5.4 box that is not rotating its mail logs. I just
found out about this, the file is considerably large. I've included my
log rotation configs if anyone has any suggestions i'm open to them.
Thanks.
Dave.
/etc/rsyslog.conf:
# Log all kernel messages to the console.
#
On Sun, Mar 14, 2010 at 5:10 PM, David Mehler dave.meh...@gmail.com wrote:
I've got a Centos 5.4 box that is not rotating its mail logs. I just
found out about this, the file is considerably large. I've included my
log rotation configs if anyone has any suggestions i'm open to them.
I had a
Hi,
Thanks for your reply. Crontabs package is indeed installed.
Thanks.
Dave.
On 3/14/10, Wes Shull wes.sh...@gmail.com wrote:
On Sun, Mar 14, 2010 at 5:10 PM, David Mehler dave.meh...@gmail.com wrote:
I've got a Centos 5.4 box that is not rotating its mail logs. I just
found out about
On Sunday 14 March 2010 20:38:23 David Mehler wrote:
Thanks for your reply. Crontabs package is indeed installed.
Various things:
1- Check that indeed crond is running (ps -ef | grep cron)
2- Check that the logrotate script is indeed in the /etc/cron.daily|hourly|
weekly directories...
3- the
Hi,
Thanks for your reply.
Cron is indeed installed and started. I had a logrotate script in cron.daily.
When i ran logrotate -d -f logrotate.conf first it failed to complete
with an error having to do with ftp, corrected that, reran it, this
time it completed successfully but the major file had
--- On Sun, 8/30/09, Dave dave.meh...@gmail.com wrote:
Hello,
I've got a centos 5.3 machine that is running services http and ftp
which are the two services i've noticed this on. When log rotation
happens the old logs are renamed and compressed, but new logs httpd
and pure-ftpd have
Bill Campbell wrote on Mon, 5 Jan 2009 16:02:29 -0800:
(which we are running for Zope compatibility
as the version of Zope we're running doesn't work with python-2.5.x.
you did realize that this is another python compatibility issue, did you
;-)
Kai
--
Kai Schätzl, Berlin, Germany
Get
On Tue, Jan 06, 2009, Kai Schaetzl wrote:
Bill Campbell wrote on Mon, 5 Jan 2009 16:02:29 -0800:
(which we are running for Zope compatibility
as the version of Zope we're running doesn't work with python-2.5.x.
you did realize that this is another python compatibility issue, did you
;-)
Spiro Harvey wrote:
Les Mikesell lesmikes...@gmail.com wrote:
Don't count on the same stability with python. It has an annoying
habit of changing syntax in non-backwards compatible ways with no
You seem to be hell-bent (excuse the pun) on turning this into a jihad
on scripting languages.
I need to review a logfile with Sed and cut out all the lines that start with a
certain word, problem
is this word begins after some amount of whitespace and unless I search for
whitespace at the
beginning followed by word I may encounter word somewhere legitimately
hence why
I don't just
On Mon, Jan 05, 2009, Joseph L. Casale wrote:
I need to review a logfile with Sed and cut out all the lines that start with
a certain word, problem
is this word begins after some amount of whitespace and unless I search for
whitespace at the
beginning followed by word I may encounter word
On Mon, 5 Jan 2009, Joseph L. Casale wrote:
I need to review a logfile with Sed and cut out all the lines that
start with a certain word, problem is this word begins after some
amount of whitespace and unless I search for whitespace at the
beginning followed by word I may encounter word
What about:
perl -ne 'if (/^\s*word/) { print $_; }' logfile
any others?
On Mon, Jan 5, 2009 at 11:45 AM, Joseph L. Casale
jcas...@activenetwerx.com wrote:
I need to review a logfile with Sed and cut out all the lines that start with
a certain word, problem
is this word begins after some
awk '$1 == "word" {print}' /var/log/messages
This example assumes that word is the first field and that it consists
only of word. If the first field is word1 this won't match.
Fixes for this are
awk '$1 ~ /word/ {print}'
(this matches any occurrence of word in the first field)
or:
awk
The regex you want is ^[[:space:]]*word
Wow, thanks everyone for the help! How does one modify this to also knock out
lines that *must* have whitespace followed by a number [0-9]? I can do it using
^[[:space:]]*[0-9] but it also takes out lines w/o whitespace that begin with
numbers?
I have to
[0-9]? I can do it using ^[[:space:]]*[0-9] but it also takes out
lines w/o whitespace that begin with numbers?
to match one or more, use + instead of *.
* matches 0 or more, + matches 1 or more.
I have to buy a book on RegEx's and Sed :)
http://www.gnu.org/manual/gawk/gawk.pdf
(G)awk is
On Mon, 5 Jan 2009, Joseph L. Casale wrote:
The regex you want is ^[[:space:]]*word
Wow, thanks everyone for the help! How does one modify this to also
knock out lines that *must* have whitespace followed by a number
[0-9]? I can do it using ^[[:space:]]*[0-9] but it also takes out
lines
to match one or more, use + instead of *.
* matches 0 or more, + matches 1 or more.
Thanks!
I have to buy a book on RegEx's and Sed :)
http://www.gnu.org/manual/gawk/gawk.pdf
(G)awk is pretty sh!t hot where I work; however we've extended it a
bit. :)
So gawk does all that sed does and more?
So gawk does all that sed does and more? I suppose I can start with
Can't really answer that. In 15 years of using UNIX systems, I've never
touched sed. :)
With Gawk's BEGIN and END blocks you can use it to write full
programs, which is kind of nice.
that in this case, I always wanted a book
On Jan 5, 2009, at 2:56 PM, Joseph L. Casale wrote:
The regex you want is ^[[:space:]]*word
Wow, thanks everyone for the help! How does one modify this to also
knock out
lines that *must* have whitespace followed by a number [0-9]? I can
do it using
^[[:space:]]*[0-9] but it also takes
On Mon, 2009-01-05 at 13:40 -0700, Joseph L. Casale wrote:
to match one or more, use + instead of *.
* matches 0 or more, + matches 1 or more.
Thanks!
snip
So gawk does all that sed does and more? I suppose I can start with
Tons. You can write fairly complex programs with (g)awk. It
Joseph L. Casale wrote:
to match one or more, use + instead of *.
* matches 0 or more, + matches 1 or more.
Thanks!
I have to buy a book on RegEx's and Sed :)
http://www.gnu.org/manual/gawk/gawk.pdf
(G)awk is pretty sh!t hot where I work; however we've extended it a
bit. :)
So gawk
Why not just start with perl which does more than sed/awk while using
similar syntax (if you want)?
This is why:
awk '/^[[:space:]]*word/ {print}' logfile
vs
perl -ne 'if (/^\s*word/) { print $_; }' logfile
Which syntax is likely to be easier to remember?
--
Spiro Harvey
Spiro Harvey wrote:
Why not just start with perl which does more than sed/awk while using
similar syntax (if you want)?
This is why:
awk '/^[[:space:]]*word/ {print}' logfile
vs
perl -ne 'if (/^\s*word/) { print $_; }' logfile
Which syntax is likely to be easier to remember?
On Tue, Jan 06, 2009, Spiro Harvey wrote:
Why not just start with perl which does more than sed/awk while using
similar syntax (if you want)?
This is why:
awk '/^[[:space:]]*word/ {print}' logfile
vs
perl -ne 'if (/^\s*word/) { print $_; }' logfile
Which syntax is likely to be easier to
Bill Campbell wrote:
I used to some pretty complex shell and awk scripts before learning perl
about 20 years ago. Perl allowed me to do most things in a single language
including fairly low-level system calls that I previously had to do with
compiled ``C'' programs.
And you can probably
Les Mikesell lesmikes...@gmail.com wrote:
Don't count on the same stability with python. It has an annoying
habit of changing syntax in non-backwards compatible ways with no
You seem to be hell-bent (excuse the pun) on turning this into a jihad
on scripting languages. Please take the credo of
On Mon, Jan 05, 2009, Les Mikesell wrote:
Bill Campbell wrote:
I used to some pretty complex shell and awk scripts before learning perl
about 20 years ago. Perl allowed me to do most things in a single language
including fairly low-level system calls that I previously had to do with
hi all, where exactly sshd log files???
this is what i have in /etc/sshsshd_config
SyslogFacility AUTHPRIV
if i want to log who login/logout sshd, what option do i need to turn
on???
thanks,
t. hiep
Hiep Nguyen wrote:
hi all, where exactly sshd log files???
this is what i have in /etc/sshsshd_config
SyslogFacility AUTHPRIV
if i want to log who login/logout sshd, what option do i need to turn on???
/var/log/secure
thanks,
t. hiep
On Tuesday 11 March 2008 15:33:36 Hiep Nguyen wrote:
hi all, where exactly sshd log files???
this is what i have in /etc/sshsshd_config
SyslogFacility AUTHPRIV
if i want to log who login/logout sshd, what option do i need to turn
on???
thanks,
t. hiep
Logwatch can supply you with a
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
iptables?
Thanks
Tony Schreiner
Boston College
On Tue, Feb 05, 2008 at 11:56:48AM -0500, Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
iptables?
iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix WWW
You might want to tack --syn on there as well to only log the packet
On Feb 5, 2008, at 12:00 PM, Ray Van Dolson wrote:
On Tue, Feb 05, 2008 at 11:56:48AM -0500, Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
iptables?
iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix WWW
You might want to
On Feb 5, 2008, at 12:15 PM, John R Pierce wrote:
Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
assuming you want to log user web browsing traffic, configuring a
Squid transparent proxy at your network border would be the best
To get more specific about what's going on. My network services have
informed me that the machine is probing other systems at a high rate. An
infection of some sort. And I'm trying to track down what's going on.
The LOG target lets you display the user id of the process I believe,
but not
On Tue, Feb 05, 2008, Tony Schreiner wrote:
On Feb 5, 2008, at 12:15 PM, John R Pierce wrote:
Tony Schreiner wrote:
Is there a way to log outbound connections to a specific port (80)?
CentOS 4.6.
assuming you want to log user web browsing traffic, configuring a
Squid transparent proxy at
Tony Schreiner wrote:
assuming you want to log user web browsing traffic, configuring a
Squid transparent proxy at your network border would be the best
way. its logfiles are quite similar to those of a webserver, so you
can use a wide range of log analysis tools.
To get more specific
On Tue, Feb 05, 2008 at 09:29:30AM -0800, John R Pierce wrote:
Tony Schreiner wrote:
assuming you want to log user web browsing traffic, configuring a Squid
transparent proxy at your network border would be the best way. its
logfiles are quite similar to those of a webserver, so you can use
On Tuesday 05 February 2008 12:00, Ray Van Dolson wrote:
iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix WWW
I was thinking more along these lines for a rule:
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j LOG --log-prefix "[WWW] : " --log-tcp-options --log-ip-options
Given my experience in Linux is limited currently, what do you guys use to
monitor logs such as 'messages' on your centos servers? I had a hardware
failure that happened in between me manually looking (of course...). I would
hope it might have a some features to email critical issues etc...
On Mon, Jan 07, 2008, Joseph L. Casale wrote:
Given my experience in Linux is limited currently, what do you guys
use to monitor logs such as `messages' on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course...). I would hope it might
Joseph L. Casale wrote:
Given my experience in Linux is limited currently, what do you guys
use to monitor logs such as ‘messages’ on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course…). I would hope it might have a some features to email
Bill Campbell wrote:
Given my experience in Linux is limited currently, what do you guys
use to monitor logs such as `messages' on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course...). I would hope it might have a some features to
On Mon, Jan 07, 2008, Les Mikesell wrote:
Bill Campbell wrote:
Given my experience in Linux is limited currently, what do you guys
use to monitor logs such as `messages' on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course...). I would