On Thu, 2003-12-04 at 18:07, John Egan wrote:Hi Jason,
Hi there.
I have enabled '--log-details syslog' in the confiure comand line. Log messages are produced but the format is -
qmail-scanner[7508]: [Clear] RC:1(202.22.172.13): 0.560632 427 [EMAIL PROTECTED] [EMAIL PROTECTED] email_test <[EMAIL PROTECTED]> 1070512290.7510-0.testmail.hwy.com.au:0
The timestamp and the process name are missing and therfore not very useful. Is the version of perl and perl modules the poblem or something that I have not doen yet.
Huh? What do you mean there's no timestamp. All syslog servers ALWAYS report the timestamp. Are you saying your syslog files contain no timestamp for ANYTHING - Q-S or otherwise? If so, then your syslog is broken. And the processname is "qmail-scanner[7508]" BTW.
You syslog records should look like this:
Dec 5 09:10:02 qmail-scanner[7508]: [Clear] RC:1(202.22.172.13):.....
Cheers
Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
The sample I supplied is what is in the log, no data stamp. All other messges are include a timestamp. I did manage to get -
Dec 3 14:42:07 [suidperl] qmail-scanner[15043]: Clear:RC:1(202.22.172.22): 1.025531 1348 [EMAIL PROTECTED] [EMAIL PROTECTED] Hwy_Submission_Form <[EMAIL PROTECTED]> 1070422926.15047-0.testmail.hwy.com.au:616
After I changed to using unix::syslog in q-s. This change in perl module then started casuing errors so I have gone back to unchanged q-s v1.2.
All other messages are the same fomat - <timestamp> <[process name]> <log details>. The process name is always in '[....]'.
I guess the other missing part of the puzzle is that I'm using metalog to relpace klogd and syslogd. I am tring to use the config features of metalog to better manage the server logging.
Regards
John
------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
