Re: syslog time resolution
> I would like to increase the number of decimals reported in logfiles by > syslogd(8), anyone knows if it is possible and perhaps a hint on how to do > it? > > tcpdump for instance, has six decimals: 21:25:20.160833 whereas the > standard syslog has zero decimal secs. > > I am only referring to events within a single system so it's not related to > clock accuracy. > > Thanks and sorry if I missed the obvious! You might want to try changing the base system's syslogd(8) for a more feature rich syslog solution. I'd suggest using syslog-ng which is available in the FreeBSD ports as sysutils/syslog-ng2 http://www.freebsd.org/cgi/url.cgi?ports/sysutils/syslog-ng2/pkg-descr It has quite a lot more features then the base system's syslogd(8) as you can see from the online Administrator's Guide http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html Should you like to check out other syslogd replacements, check the Library at http://www.loganalysis.org/ Have fun! David -- David Robillard UNIX systems administrator & Oracle DBA CISSP, RHCE & Sun Certified Security Administrator Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: syslog time resolution
On Wed, Nov 07, 2007 at 09:29:23PM +0100, Per olof Ljungmark wrote: > > Hi, > > I would like to increase the number of decimals reported in logfiles by > syslogd(8), anyone knows if it is possible and perhaps a hint on how to > do it? > > tcpdump for instance, has six decimals: 21:25:20.160833 whereas the > standard syslog has zero decimal secs. > > I am only referring to events within a single system so it's not related > to clock accuracy. > > Thanks and sorry if I missed the obvious! > > --per Per, Dependent on what you're exactly trying to do, you might want to look at daemontools (in ports: sysutils). The tools come with a logger which will give you high resolution timestamps. Have a look at: http://cr.yp.to/daemontools/multilog.html http://cr.yp.to/daemontools/tai64n.html HTH. -- Frank Contact info: http://www.esperance-linux.co.uk/misc/contact.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: syslog time resolution
On Wed, Nov 07, 2007 at 09:29:23PM +0100, Per olof Ljungmark wrote: > Hi, > > I would like to increase the number of decimals reported in logfiles by > syslogd(8), anyone knows if it is possible and perhaps a hint on how to do > it? > > tcpdump for instance, has six decimals: 21:25:20.160833 whereas the > standard syslog has zero decimal secs. > > I am only referring to events within a single system so it's not related to > clock accuracy. > > Thanks and sorry if I missed the obvious! > > --per Guessing on syslogd source (src/usr.sbin/syslogd/syslogd.c, line ~900) time() and ctime() functions are used to get timestamps, which return only full seconds. So, if I'm not mistaken, there's no easy way to get desired behaviour from base's syslogd. Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
syslog time resolution
Hi, I would like to increase the number of decimals reported in logfiles by syslogd(8), anyone knows if it is possible and perhaps a hint on how to do it? tcpdump for instance, has six decimals: 21:25:20.160833 whereas the standard syslog has zero decimal secs. I am only referring to events within a single system so it's not related to clock accuracy. Thanks and sorry if I missed the obvious! --per ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
