log monitoring recommendations?

Any opinions/ideas regarding log monitoring. Preferably something with definable actions. Hoping to test/obtain a fail2ban equivalent for BSD The following utilities were located in openports.se hatchet logsentry logsurfer swatch Regards Patrick

OpenBSD 6-stable vmd

Hello misc. For testing purposes I compiled kernel with vmd support. After start the vm -> vmctl start "myvm" -m 512M -i 1 -d disk.img -k /bsd.rd I created a bridge and added vether0 and tap0 In the vm I have configured an ip 192.168.1.30 If I perform ping from OpenBSD Hypervisor -> ping

Re: console mode not allowing login

Hi Todd, On 21 October 2016 at 12:58, Todd C. Miller wrote: > It sounds like you need to enable getty on the serial port. To > login on the serial console you should have a line like the following > in /etc/ttys: > > tty00 "/usr/libexec/getty std.9600" vt220 on

Re: security(8) doesn't know about mailbox locks

Kamil Cholewiński wrote: >Try using aliases(5) instead Okay, but still, security(8) ought not to generate bogus warnings regardless of the method used to forward emails (and there are also probably other ways that a lock file might end up in /var/mail, using a .forward file just happens to be the

Re: console mode not allowing login

It sounds like you need to enable getty on the serial port. To login on the serial console you should have a line like the following in /etc/ttys: tty00 "/usr/libexec/getty std.9600" vt220 on secure - todd

console mode not allowing login

Hi All, After my machine is completed booting up and ready for login, I can't see anymore text in the console. Which also means I can't login to the machine via console. # cat /etc/boot.conf set tty com0 set timeout 60 I'm connecting to the openbsd machine via freebsd with this command: cu -l

Re: security(8) doesn't know about mailbox locks

On Fri, 21 Oct 2016, Philippe Meunier wrote: > When cron runs /etc/daily, that script runs df and netstat and the > output is sent by email to root. On my system, emails to root are > forwarded to local user meunier using /root/.forward. The forwarding > itself temporarily

Re: dmidecode and access to /dev/mem denied

> Index: securelevel.7 > === > RCS file: /cvs/src/share/man/man7/securelevel.7,v > retrieving revision 1.29 > diff -u -p -r1.29 securelevel.7 > --- securelevel.7 28 Sep 2016 17:58:17 - 1.29 > +++ securelevel.7 21

security(8) doesn't know about mailbox locks

Hello, When cron runs /etc/daily, that script runs df and netstat and the output is sent by email to root. On my system, emails to root are forwarded to local user meunier using /root/.forward. The forwarding itself temporarily creates a lock file in /var/mail: -rw--- 1 root wheel

Re: dmidecode and access to /dev/mem denied

> On 2016-10-21, Kapetanakis Giannis wrote: > > Hi, > > > > # dmidecode > > # dmidecode 3.0 > > Scanning /dev/mem for entry point. > > /dev/mem: Operation not permitted > > > > I guess this is similar to > > http://marc.info/?l=openbsd-misc=147575799412450=2 > > > >

Re: dmidecode and access to /dev/mem denied

On 21/10/16 16:54, Stuart Henderson wrote: > On 2016-10-21, Kapetanakis Giannis wrote: >> >> where stu@ said: >> "Kernel virtual memory access is no longer permitted by the kernel on a >> normally running system. The relevant parts of net-snmp will need to be >>

Re: dmidecode and access to /dev/mem denied

On 2016-10-21, Kapetanakis Giannis wrote: > Hi, > > # dmidecode > # dmidecode 3.0 > Scanning /dev/mem for entry point. > /dev/mem: Operation not permitted > > I guess this is similar to > http://marc.info/?l=openbsd-misc=147575799412450=2 > > where stu@ said: >

Re: Build a new kernel for apcupsd

On 2016/10/21 11:42, lilit-aibolit wrote: > On 10/20/2016 07:25 PM, Stuart Henderson wrote: > > On 2016-10-20, lilit-aibolit wrote: > > > Hi list. > > > In recent OpeBSD versions usb devices attached to upd driver. > > > This is why apcupsd doesn't detect APC USB devices. >

Re: OT: shell / terminal / console / tty / cua / getty

2016-10-21 12:04 GMT+02:00 Mihai Popescu : > terminal: physical stuff, keyboard + screen + serial port for > mainframe connection Relevant: https://www.jwz.org/blog/2016/10/export-termaaa-60/ > enough. Also a link or a book indication for all this stuff will be > fine. We have

dmidecode and access to /dev/mem denied

Hi, # dmidecode # dmidecode 3.0 Scanning /dev/mem for entry point. /dev/mem: Operation not permitted I guess this is similar to http://marc.info/?l=openbsd-misc=147575799412450=2 where stu@ said: "Kernel virtual memory access is no longer permitted by the kernel on a normally running system.

Re: Build a new kernel for apcupsd

On 10/20/2016 07:25 PM, Stuart Henderson wrote: On 2016-10-20, lilit-aibolit wrote: Hi list. In recent OpeBSD versions usb devices attached to upd driver. This is why apcupsd doesn't detect APC USB devices. After installing apcupsd there is statement how to deal with

OT: shell / terminal / console / tty / cua / getty

Hello, I was asking long time ago about a terminal here, and I got some good answers from people who might been using it back in time. That question was a begining for understanding what is the relation among all the stuff from the post subject. Please help with some clarifications if you can.

Re: 4th nic for pcengines apu2

Fri, 21 Oct 2016 09:32:08 +0200 Marc Peters > Am 10/20/16 um 18:26 schrieb Stuart Henderson: > > > > You should find out if they have IPMI. Standard config on many Supermicros > > is to have it enabled, sharing the first main network port if you don't have > > anything plugged

Re: Because Theo de Raadt said that the buttons are for idiots?

The poster is just trolling, and trying to get reactions. Don't answer. On 2016 Oct 20 (Thu) at 23:57:26 +0200 (+0200), Alexander Hall wrote: :On this list, English is the language to use, and Google translate does not :cut it. I do think I understand what you're after, but have someone help

Re: 4th nic for pcengines apu2

Am 10/20/16 um 18:26 schrieb Stuart Henderson: > > You should find out if they have IPMI. Standard config on many Supermicros > is to have it enabled, sharing the first main network port if you don't have > anything plugged into the dedicated one, with the same password on every > machine. You