> On 26 Feb 2025, at 03:51, fed...@eyal.emu.id.au wrote:
>
> Anyone?
I know you can go from journal logs to rayslog.
But do not know if the reverse is possible.
If it is then you would be best asking the rsyslog developers.
Barry
--
Anyone?
TIA
--
Eyal at Home (fed...@eyal.emu.id.au)
--
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/cod
I have a server (e7) and a remote machine (xilinx).
Remote log messages are sent to port 514 and accepted by the server. I can see
them in the relevant log files (messages, cron etc.)
in /etc/rsyslog.conf I have
module(load="imudp")
input(type="imudp" port="514")
module(load="imtcp")
input(type
Once upon a time, Tom Horsley said:
> I found some obscure text about needing to use a $ in front of
> system variables and since $myhostname is a system variable
> I need to type it as $$myhostname in the condition (I think :-)
So an alternate approach that might help... you can assign a ruleset
me in the condition (I think :-)
I don't suppose there is a totally different alternative to
rsyslog out there with sensible syntax? (Something like postfix
instead of sendmail.)
I haven't yet worked up the courage to actually try this for
real...
--
_
On Thu, 16 Nov 2023 20:46:33 -0500
Todd Zullinger wrote:
> I'd probably do this in the newer "advanced" format (AKA
> RainerScript) instead of the "obsolete legacy" format. I
> believe this would do what you want:
I'm just adding a bit to the .conf file that ships with the
rpm, and it is using t
:
> I've got an old PC running Truenas as a local server for backups,
> videos, etc.
>
> I've got another PC I consider my "main" system running rsyslog.
> On this PC I have tried (mostly successfully) to direct remote
> syslog messages from the Truenas system
Tom Horsley wrote:
> I've got an old PC running Truenas as a local server for backups,
> videos, etc.
>
> I've got another PC I consider my "main" system running rsyslog.
> On this PC I have tried (mostly successfully) to direct remote
> syslog messages fr
On Thu, 16 Nov 2023 20:09:26 -0500
Go Canes wrote:
> Any chance there is a rule for logging SMART messages that is taking
> precedence?
A good thing to check. I'll see if I can decrypt the .conf file
and figure that out. Thanks.
--
___
users mailing li
On Thu, Nov 16, 2023 at 7:51 PM Tom Horsley wrote:
> # Log incoming message from remote systems here
> $template DynamicFile,"/var/log/loghost/%HOSTNAME%/%syslogfacility-text%.log"
> :hostname, contains, "nast"
> *.*-?DynamicFile
>
> Most remote log message do indeed get redirected to the subd
I've got an old PC running Truenas as a local server for backups,
videos, etc.
I've got another PC I consider my "main" system running rsyslog.
On this PC I have tried (mostly successfully) to direct remote
syslog messages from the Truenas system to logfiles in a subdirecto
illogical at some point to get into this
> > situation?
>
> I know nothing of syslog-ng, but I have my journald configured to do
> absolutely nothing but forward all log entries to rsyslog so I have
> no furshlugginer binary logs and get the plain text logs God meant
> for linu
syslog-ng, but I have my journald configured
to do absolutely nothing but forward all log entries to rsyslog
so I have no furshlugginer binary logs and get the plain text
logs God meant for linux to have :-).
___
users mailing list -- users@lists.fedorapr
On 11/9/18 8:31 AM, Robert P. J. Day wrote:
> On Fri, 9 Nov 2018, Ed Greshko wrote:
>
>> On 11/9/18 8:02 AM, Robert P. J. Day wrote:
>>> was poking around logging and just now noticed that, on my fedora 29
>>> system, both of rsyslog and syslog-ng (and, i'm as
On Fri, 9 Nov 2018, Ed Greshko wrote:
> On 11/9/18 8:02 AM, Robert P. J. Day wrote:
> > was poking around logging and just now noticed that, on my fedora 29
> > system, both of rsyslog and syslog-ng (and, i'm assuming systemd
> > journalling) are running at the sa
On 11/9/18 8:02 AM, Robert P. J. Day wrote:
> was poking around logging and just now noticed that, on my fedora 29
> system, both of rsyslog and syslog-ng (and, i'm assuming systemd
> journalling) are running at the same time. is that normal? i don't
> recall ever m
was poking around logging and just now noticed that, on my fedora 29
system, both of rsyslog and syslog-ng (and, i'm assuming systemd
journalling) are running at the same time. is that normal? i don't
recall ever messing with installing additional logging packages, but
maybe i di
On Fri, 3 Nov 2017 12:02:06 +
Andy Blanchard wrote:
> Apparently the latest version of rsyslog
> (v8.30.0-3.fc26) is dependant on the latest version of libfastjson
> (v0.99.7-1.fc26) which wasn't initially pushed at the same time as the
> rsyslog update. This was correcte
On 3 November 2017 at 11:43, Cristian Sava wrote:
> Hi all,
>
> After updating F26:
> rsyslog
> systemd
> systemd-libs
> systemd-pam
> systemd-udev
>
> syslog does not start!
I spotted this problem too. Apparently the latest version of rsyslog
(v8.30.0-3.fc
On Fri, 2017-11-03 at 07:55 -0400, Dr. Michael J. Chudobiak wrote:
> > After updating F26:
> >
> > syslog does not start!
>
>
> This fixed it for me:
>
> dnf --enablerepo=updates-testing upgrade libfastjson.x86_64
>
> - Mike
Thanks Mike, good to know,
but for now I think it's a security proble
After updating F26:
syslog does not start!
This fixed it for me:
dnf --enablerepo=updates-testing upgrade libfastjson.x86_64
- Mike
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproj
On Fri, 2017-11-03 at 13:43 +0200, Cristian Sava wrote:
> Hi all,
>
> After updating F26:
> rsyslog
> systemd
> systemd-libs
> systemd-pam
> systemd-udev
>
> syslog does not start!
>
Upgrading to F27 solve this but we saw that on ma
Hi all,
After updating F26:
rsyslog
systemd
systemd-libs
systemd-pam
systemd-udev
syslog does not start!
[root@*** ~]# systemctl status syslog
● rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled;
vendor preset: enabled
Hi all;
Fedora 25 - KDE spin on a thinkpad x1 carbon 4th gen -
Getting kernel errors to all screens
I changed this line in /etc/rsyslog.conf
#kern.* /dev/console
to this:
kern.* /var/log/messages
but kernel messages are still going to all te
en working for quite some time.
> I have rsyslog installed and configured to log mail to
> /var/log/maillog. It's never had a problem, but for some reason
> yesterday it started intermittently stop logging for about three
> minutes, then catch up with the three minutes of missed data bef
Hi,
I have a fedora23 mail server that's been working for quite some time.
I have rsyslog installed and configured to log mail to
/var/log/maillog. It's never had a problem, but for some reason
yesterday it started intermittently stop logging for about three
minutes, then catch up with
Andrew R Paterson wrote:
> On Wednesday 25 November 2015 13:57:49 Timothy Murphy wrote:
>> I'm running Fedora-23/KDE, and am trying to activate /var/log/messages,
>> but when I run "sudo systemctl restart rsyslog" I get the entry
>> imjournal: fs
On Wednesday 25 November 2015 13:57:49 Timothy Murphy wrote:
> imjournal: fscanf on state file `/var/lib/rsyslog/imjournal.state' failed
A quick google gives something that may be relevent
https://bugzilla.redhat.com/show_bug.cgi?id=1095784
--
users mailing li
Thanks very much for your response,
> I've made the two changes you suggest above,
> and will see if they have the desired effect on re-booting.
Unfortunately, I still get the error I mentioned,
imjournal: fscanf on state file `/var/lib/rsyslog/imjournal.state' failed
>&
Tom Horsley wrote:
>> Has anyone managed to get information in /var/log/messages
>> as in pre-systemd days?
>
> From my notes on restoring sanity in fedora 22:
>
> edit /etc/systemd/journald.conf set Storage=none, ForwardToSyslog=yes
Thanks very much for your response,
I've made the two changes
On Wed, 25 Nov 2015 11:59:43 +
Timothy Murphy wrote:
> Has anyone managed to get information in /var/log/messages
> as in pre-systemd days?
From my notes on restoring sanity in fedora 22:
edit /etc/systemd/journald.conf set Storage=none, ForwardToSyslog=yes
install rsyslog if it
I'm running Fedora-23/KDE, and am trying to activate /var/log/messages,
but when I run "sudo systemctl restart rsyslog" I get the entry
Nov 25 11:40:35 william rsyslogd-2027: imjournal:
fscanf on state file `/var/lib/rsyslog/imjournal.state' failed
Depends on what you are trying to achieve:
:msg, contains, "some string" stop
(on one line) will discard any message containing "some string".
:msg, contains, "some other string" /var/log/messages
& stop
(across two lines) will cause any message containing "some other
string" to be logged in me
Or use syslog-ng :) Rainer's ideas about the syntax and documentation is
quite interesting :)
L
I have a bunch of lines like this in
/etc/rsyslog.d/systemd-drivel.conf:
:msg, contains, "Activating via systemd" ~
:msg, contains, "Activation via systemd failed" ~
Every time I boot, rsyslogd compla
On Sun, Aug 9, 2015 at 7:11 PM, Tom Horsley wrote:
>
> I have a bunch of lines like this in
> /etc/rsyslog.d/systemd-drivel.conf:
>
> :msg, contains, "Activating via systemd" ~
> :msg, contains, "Activation via systemd failed" ~
>
> Every time I boot, rsyslogd complains about
> the deprecated synt
On Sun, 09 Aug 2015 16:44:51 -0700
Doug H. wrote:
> > So basically I replace the ~ with & stop ?
>
> I don't remember why I put it on the second line but I suspect I found
> something via google.
Well, when I try it, rsyslogd won't start, so it hates
something about my file.
I guess I'll stic
On Sun, 2015-08-09 at 19:36 -0400, Tom Horsley wrote:
> On Sun, 09 Aug 2015 16:28:16 -0700
> Doug H. wrote:
>
> > :fromhost-ip, isequal, "192.168.10.1" /var/log/pace.log
> > & stop
>
> So basically I replace the ~ with & stop ?
I don't remember why I put it on the second line but I suspect I fo
On Sun, 09 Aug 2015 16:28:16 -0700
Doug H. wrote:
> :fromhost-ip, isequal, "192.168.10.1" /var/log/pace.log
> & stop
So basically I replace the ~ with & stop ?
Is it really on the 2nd line or did the email line wrap? :-).
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or ch
On Sun, 2015-08-09 at 19:11 -0400, Tom Horsley wrote:
> I have a bunch of lines like this in
> /etc/rsyslog.d/systemd-drivel.conf:
>
> :msg, contains, "Activating via systemd" ~
> :msg, contains, "Activation via systemd failed" ~
>
> Every time I boot, rsyslogd complains about
> the deprecated sy
I have a bunch of lines like this in
/etc/rsyslog.d/systemd-drivel.conf:
:msg, contains, "Activating via systemd" ~
:msg, contains, "Activation via systemd failed" ~
Every time I boot, rsyslogd complains about
the deprecated syntax:
Aug 9 18:39:21 zooty rsyslogd-2307: warning: ~ action is depre
On 06/11/15 03:11, Mark C. Allman wrote:
> I see this line in /etc/logrotate.d/syslog:
>
> /bin/kill -HUP `cat /var/run/syslogd.pid 2>/dev/null` 2>/dev/null||true
>
> The PID file for rsyslog is actually /var/run/rsyslogd.pid, therefore
> once logrotate runs the new l
I see this line in /etc/logrotate.d/syslog:
/bin/kill -HUP `cat /var/run/syslogd.pid 2>/dev/null` 2>/dev/null||true
The PID file for rsyslog is actually /var/run/rsyslogd.pid, therefore
once logrotate runs the new log files, e.g., messages, maillog, etc.,
are empty. Sound like a bug to y
On Fri, Mar 6, 2015 at 11:42 AM, Glenn Holmer wrote:
> On 03/05/2015 07:28 PM, Dan Irwin wrote:
>>
>> Honestly, most people (as in net/sys admins) don't even use Linux
>> anymore. They use Windows 7 or Macs.
>
> Huh?
Perhaps he means something like
http://mjg59.dreamwidth.org/31714.html
--
user
2015-03-07 11:04 GMT+02:00 Tim :
> On Fri, 2015-03-06 at 08:28 -0700, Pete Travis wrote:
>> No, the journalctl man page does not tell you about ntp logs, nor do
>> the rsyslog pages explain grep :)
>
> ;-)
>
> The man page suggested that the search parameter was a serv
On Fri, 2015-03-06 at 08:28 -0700, Pete Travis wrote:
> No, the journalctl man page does not tell you about ntp logs, nor do
> the rsyslog pages explain grep :)
;-)
The man page suggested that the search parameter was a service name
(that I wouldn't know, at the time), as opposed to j
HI
On Fri, Mar 6, 2015 at 11:42 AM, Glenn Holmer wrote:
> On 03/05/2015 07:28 PM, Dan Irwin wrote:
> > Honestly, most people (as in net/sys admins) don't even use Linux
> > anymore. They use Windows 7 or Macs.
>
He probably means that they are using Mac or Windows to manage Linux
servers remote
On 03/05/2015 07:28 PM, Dan Irwin wrote:
> Honestly, most people (as in net/sys admins) don't even use Linux
> anymore. They use Windows 7 or Macs.
Huh?
--
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."
--
users mailing list
users@lists.f
, you can do `journalctl -u chronyd -otherfilters`.
Also, just like with less or vim, you can press '/' in parsed log output
then type a string to search for.
No, the journalctl man page does not tell you about ntp logs, nor do the
rsyslog pages explain grep :)
--Pete
--
users m
On Wed, 2015-03-04 at 12:04 -0700, Pete Travis wrote:
> If you're open to typing a different command to access logs, here are
> a few you might find interesting:
Only the other day, I wanted to see what the NTP client, or whatever it
is called now, was up to. I couldn't find an easy way to do wh
On Thu, Mar 5, 2015 at 10:39 AM, Bill Oliver wrote:
>
> What I care about as a *user* is turning on my computer and being able to
> get my work done without making futzing with the box my primary focus. I
> want my *work* to be my primary focus. I prefer to admin my own machines
> for a number
Thank you Tom, you are helpful as always.
On Tue, Mar 3, 2015 at 9:19 PM, Tom Horsley wrote:
> On Tue, 3 Mar 2015 13:46:43 +1000
> Dan Irwin wrote:
>
> > Hi all,
> >
> > What kind of secret voodoo does one need to use rsyslog on a systemd
> > system? Is it ev
ecide are necessarily
the developers of the change itself. There's a change process through
FESCo, just like this one. With Fedora 21, productization resulted in
just the server product reverting to including and enabling rsyslog by
default.
> My hope is to catch the eye of the decision maker
> I demonstrated several simple and practical commands that have
real-life
> use cases, where similar filtering would not be as
simple or direct with
> bare rsyslog. The addition of journald
was not arbitrary, and I was
> offering genuinely helpful advice,
not trolling.
>
>
On Mar 5, 2015 1:03 AM, "Chris Murphy" wrote:
>
> logrotate-3.8.7-4.fc21.x86_64 is already installed by default with
> Fedora 21 Workstation. I don't know why, seems unnecessary. But it's
> there.
>
Don't forget this covers more than just syslog messages...
Httpd logs for instance need logrotate
On Wed, Mar 4, 2015 at 6:05 PM, Tom Horsley wrote:
> On Wed, 4 Mar 2015 19:50:11 -0500
> Tom H wrote:
>
>> I just did a clean install of F21 with rsyslog and it's logging to
>> "/var/log/messages" and co without any edits.
>
> I get about 1/10th of the
On Wed, 4 Mar 2015 19:50:11 -0500
Tom H wrote:
> I just did a clean install of F21 with rsyslog and it's logging to
> "/var/log/messages" and co without any edits.
I get about 1/10th of the log messages in /var/log/messages
with a "standard" install, there is so
logrotate-3.8.7-4.fc21.x86_64 is already installed by default with
Fedora 21 Workstation. I don't know why, seems unnecessary. But it's
there.
Chris Murphy
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/l
#x27;s a *user* talking about *user* issues.
> And the response of "well, if you don't like it, become a developer" isn't
> really a viable answer.
No one said become a developer. There's a clear way to get the same
rsyslog behavior on Fedora 21 Workstation as on Fedora 21
On Wed, Mar 4, 2015 at 5:20 PM, Tom Horsley wrote:
> On Wed, 4 Mar 2015 15:53:15 Tom H wrote:
>>
>> The reason that you have to make these changes to rsyslog.conf and
>> journal.conf is that rsyslog is set up to get journal logs by default
>> via its imjournal mod
ly based on any technical technical argument .
As to your question, there are probably answers in various mailing list
archives. Fedora editions that wanted to have rsyslog do, others do
not. Consensus on the user support mailing list is not a prerequisite for
change. If you want to participate
On Mar 4, 2015 3:17 PM, "Will Yonker" wrote:
>
> >> Doesn't this depend on what version you install? I think the
> >> workstation
> > version does not include rsyslog whereas the server version does.
> >>
> >> I too found it more than a
On Wed, 4 Mar 2015 15:53:15 -0500
Tom H wrote:
> The reason that you have to make these changes to rsyslog.conf and
> journal.conf is that rsyslog is set up to get journal logs by default
> via its imjournal module. So your changes aren't necessary; unless
> there's a
>> Doesn't this depend on what version you install? I think the
>> workstation
> version does not include rsyslog whereas
the server version does.
>>
>> I too found it more
than a little concerning when I was trying to help
> troubleshoot
an issue on one o
On Tue, Mar 3, 2015 at 6:19 AM, Tom Horsley wrote:
> On Tue, 3 Mar 2015 13:46:43, Dan Irwin wrote:
>>
>> What kind of secret voodoo does one need to use rsyslog on a systemd
>> system? Is it even possible?
>
> From my notes on making fedora usable:
>
> rsyslog i
On 03/04/2015 11:04 AM, Pete Travis wrote:
If you're open to typing a different command to access logs, here are a
few you might find interesting:
And, of course, if you use any of them frequently, you can always use
alias to make things simpler.
--
users mailing list
users@lists.fedoraprojec
On Mar 4, 2015 8:41 AM, wrote:
>
> > On Tue, 3 Mar 2015 13:46:43 +1000
> > Dan Irwin wrote:
> >
> >> Hi all,
> >>
> >> What kind of secret voodoo does one need to use rsyslog on a systemd
> >> system? Is it even possible?
> >
&
On Wed, 4 Mar 2015 15:40:39 -
arag...@dcsnow.com wrote:
> Is there really a good reason to
> not use the messages file anymore?
If you are trying to use the system, no, there is no good reason.
If you are tying to sell more maintenance contracts, then yes,
changing things for no good reason
> On Tue, 3 Mar 2015 13:46:43 +1000
> Dan Irwin wrote:
>
>> Hi all,
>>
>> What kind of
secret voodoo does one need to use rsyslog on a systemd
>>
system? Is it even possible?
>
> From my notes on making
fedora usable:
>
> rsyslog isn't insta
On Tue, 3 Mar 2015 13:46:43 +1000
Dan Irwin wrote:
> Hi all,
>
> What kind of secret voodoo does one need to use rsyslog on a systemd
> system? Is it even possible?
From my notes on making fedora usable:
rsyslog isn't installed by default, so you get no log files
you can lo
On Mon, Mar 2, 2015 at 8:46 PM, Dan Irwin wrote:
> Hi all,
>
> What kind of secret voodoo does one need to use rsyslog on a systemd system?
> Is it even possible?
Yes it happens to be default on Fedora 21 Server and CentOS 7, works there.
systemctl status systemd-journald.sock
Hi all,
What kind of secret voodoo does one need to use rsyslog on a systemd
system? Is it even possible?
I have installed it, and I only get kernel boot messages in
/var/log/messages.
I find journalctl to be fundamentally braindead, lacking features which we
have taken for granted for decades
e on longer to find a cause)
>
> Tried to create a debug.log from the service file:
> [Service]
> EnvironmentFile=-/etc/sysconfig/rsyslog
> ExecStart=/sbin/rsyslogd -n $SYSLOGD_OPTIONS -dn
>> /var/log/rsyslog.log
> Sockets=syslog.socket
> StandardOutput=null
>
>
]
EnvironmentFile=-/etc/sysconfig/rsyslog
ExecStart=/sbin/rsyslogd -n $SYSLOGD_OPTIONS -dn
> /var/log/rsyslog.log
Sockets=syslog.socket
StandardOutput=null
I'm getting a failed on
systemctl status rsyslog.service
Process: 24737 ExecStart=/sbin/rsyslogd -n $SYSLOGD_OPTIONS -dn
&g
On Sat, 29 Dec 2012 18:28:38 +0800
Ed Greshko wrote:
> On 12/29/2012 06:20 PM, Frank Murphy wrote:
> > logwatch tells me rsyslog is stopped
> > on a F17.i686 box, always manually restart.
> >
> > Anyone know how to use monit, to restart rsyslog.
> > Their w
On 12/29/2012 06:20 PM, Frank Murphy wrote:
> logwatch tells me rsyslog is stopped
> on a F17.i686 box, always manually restart.
>
> Anyone know how to use monit, to restart rsyslog.
> Their wiki is giving a 403 at the moment.
>
>
http://mmonit.com/monit/documentation/ ??
logwatch tells me rsyslog is stopped
on a F17.i686 box, always manually restart.
Anyone know how to use monit, to restart rsyslog.
Their wiki is giving a 403 at the moment.
--
Regards,
Frank
Life's importand Questions!
"Why Snowhite never advertised for 7up"
--
users mai
f that router. BUT, the SRC is simply a
portion of the message that iptables is logging and has nothing to do with
:source in rsyslog.
So. to stop filling up you logs you'll either have to address your logging
problem in iptables or mask that problem. (I've never been a fan
On 20/08/12 12:28, Ed Greshko responds:
"tomato" is your router, right? Not a Fedora machine, right?
Those log entries are being written by "localhost". They are iptables log
entries. Now, I see you having 2 choices.
1. You could post your iptables rules and and have someone debug the
On 08/21/2012 12:17 AM, Bob Goodwin - Zuni, Virginia, USA wrote:
> Ok, but I Have not intentionally done anything to accomplish that. This must
> result from tomato's logging? It' internal log displays:
>
> snip
>
>> Aug 20 12:12:09 localhost user.warn kernel: ACCEPT IN
o have a rule set up to log entries with "ACCEPT" which is certain to fill up
your log files.
I think your "problem" is really in your iptables setup and nothing to do with
rsyslog.
Ok, but I Have not intentionally done anything to accomplish that. This
must result from tom
up your log files.
I think your "problem" is really in your iptables setup and nothing to do with
rsyslog.
--
Programming today is a race between software engineers striving to build bigger
and better idiot-proof programs, and the Universe trying to produce bigger and
better idiots. S
On 20/08/12 11:42, Ed Greshko responds:
On 08/20/2012 11:29 PM, Bob Goodwin - Zuni, Virginia, USA wrote:
It doesn't seem to accept double quotes, single still yields an
error message.
[bobg@box9 ~]$ cat /var/log/tomato.log
Aug 20 11:02:27 box9 rsyslogd: the last error
On 08/20/2012 11:29 PM, Bob Goodwin - Zuni, Virginia, USA wrote:
>It doesn't seem to accept double quotes, single still yields an
>error message.
>
>[bobg@box9 ~]$ cat /var/log/tomato.log
>
>Aug 20 11:02:27 box9 rsyslogd: the last error occured in
>/etc/rsyslog.d/em
On 20/08/12 10:54, Ed Greshko responds:
On 08/20/2012 10:44 PM, Bob Goodwin - Zuni, Virginia, USA wrote:
I've tried several forms:
/etc/rsyslog.d/emptyfile.conf
:source, isequal, 192.168.1.9 /var/log/tomato.log
:source, isequal, 192.168.1.9 ~
But can't find the rig
On 08/20/2012 10:44 PM, Bob Goodwin - Zuni, Virginia, USA wrote:
> I've tried several forms:
>
>/etc/rsyslog.d/emptyfile.conf
>
>:source, isequal, 192.168.1.9 /var/log/tomato.log
>:source, isequal, 192.168.1.9 ~
>
>But can't find the right one.
I believe you need either
On 20/08/12 10:26, Bob Goodwin - Zuni, Virginia, USA responds:
On 19/08/12 21:08, Ed Greshko responds:
FWIW, I use rsyslog to log messages from my Dlink router. I don't use the
"source" method. I simply have this in my rsyslog.conf
if $msg contains 'D-Link'
On 19/08/12 21:08, Ed Greshko responds:
FWIW, I use rsyslog to log messages from my Dlink router. I don't use the
"source" method. I simply have this in my rsyslog.conf
if $msg contains 'D-Link' then /var/log/dlink.log
since an entry from the router looks like
urce, isequal, tomato ~
>
>Same result though.
FWIW, I use rsyslog to log messages from my Dlink router. I don't use the
"source" method. I simply have this in my rsyslog.conf
if $msg contains 'D-Link' then /var/log/dlink.log
since an entry from the router l
On 19/08/12 17:11, Heinz Diehl types:
On 19.08.2012, Bob Goodwin - Zuni, Virginia, USA wrote:
[bobg@box9 rsyslog.d]$ cat emptyfile
# /etc/rsyslog.d/emptyfile
:source, isequal, 192.168.1.9 /var/log/tomato.log
:source, isequal, 192.168.1.9 ~
Actually I even tried naming
On 19/08/12 17:11, Heinz Diehl types:
On 19.08.2012, Bob Goodwin - Zuni, Virginia, USA wrote:
[bobg@box9 rsyslog.d]$ cat emptyfile
# /etc/rsyslog.d/emptyfile
:source, isequal, 192.168.1.9 /var/log/tomato.log
:source, isequal, 192.168.1.9 ~
Actually I even tried naming
On 19.08.2012, Bob Goodwin - Zuni, Virginia, USA wrote:
>[bobg@box9 rsyslog.d]$ cat emptyfile
># /etc/rsyslog.d/emptyfile
>
>:source, isequal, 192.168.1.9 /var/log/tomato.log
>:source, isequal, 192.168.1.9 ~
>
>Actually I even tried naming it emptyfile.conf out of desper
've
tried has worked?
Here's what works for me:
1. Go to /etc/sysconfig/rsyslog and add the "-r" option to the
parameters for rsyslogd (as far as I know, the "-r" option has been
obsoleted some time ago, and is replaced by 2., so just try or read
the manpages).
2. Go to /
ied has worked?
> Here's what works for me:
>
> 1. Go to /etc/sysconfig/rsyslog and add the "-r" option to the
> parameters for rsyslogd (as far as I know, the "-r" option has been
> obsoleted some time ago, and is replaced by 2., so just try or read
&
On 19.08.2012, Bob Goodwin - Zuni, Virginia, USA wrote:
> Can someone tell me the proper command to save log data to "
> /home/bobg/xxlog" instead of filling up "var/log/messages" nothing I've
> tried has worked?
Here's what works for me:
1. Go to /etc/sy
Can someone tell me the proper command to save log data to "
/home/bobg/xxlog" instead of filling up "var/log/messages" nothing I've
tried has worked?
[bobg@box9 ~]$ less /etc/rsyslog.conf
.. snip
.#$ActionResumeRetryCount -1# infinite retries if hos
95 matches
Mail list logo
