On Tuesday 28 October 2008 17:32:36 Jeremy Chadwick wrote: > On Tue, Oct 28, 2008 at 05:26:03PM +0100, Jos Chrispijn wrote: > > A prt of my daily security run: > > > > triton.xxx.xxx.xxx kernel log messages: > > +++ /tmp/security.VnqB8ZT6 2008-10-27 23:53:32.000000000 +0100 > > +em0: link state changed to DOWN > > +em0: link state changed to UP > > +em0: link state changed to DOWN > > +em0: link state changed to UP > > +em0: link state changed to DOWN > > +em0: link state changed to UP > > > > Is there a way of adding the time on every DOWN and UP line? > > No, because the messages are in the kernel log. The kernel itself does > not print timestamps, because that's silly. > > Try doing this: > > 1) Edit /etc/syslog.conf and enable /var/log/all.log,
Actually, these end up in /var/log/messages in a vanilla system (*.notice). You can modify /etc/periodic/security/700.kernelmsg, by using: fgrep 'kernel: ' /var/log/messages 2>/dev/null | where it says: dmesg 2>/dev/null Or more prescise: fgrep 'your.host.name kernel: ' /var/log/messages This will give you timestamps with the output. I can't really think of anything that does end up in dmesg and not in /var/log/messages, but I'm sure there are some. -- Mel Problem with today's modular software: they start with the modules and never get to the software part. _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"