I'm the server manager of a Linux system and I allready setup the syslog daemon for our needs. The problem is that the syslogd is not working as I spected. For example, in some of the log files there are only "--- MARK ---" lines without any other information. Maybe the config file is setup wrong or I need to do something else.
I will apreciate if someone can help me. I also include the config file and the log files that aren't working as expected.
Thank you!
----- Config File -----
# /etc/syslog.conf - Configuration file for syslogd(8) # # For info about the format of this file, see "man syslog.conf". #
# # # print most on tty10 and on the xconsole pipe # kern.warn;*.err;authpriv.none /dev/tty10 kern.warn;*.err;authpriv.none |/dev/xconsole *.emerg *
# enable this, if you want that root is informed # immediately, e.g. of logins #*.alert root
# # all email-messages in one file # mail.* -/var/log/mail
# # all news-messages # # these files are rotated and examined by "news.daily" news.crit -/var/log/news/news.crit news.err -/var/log/news/news.err news.notice -/var/log/news/news.notice # enable this, if you want to keep all news messages # in one file #news.* -/var/log/news.all
# # Warnings in one file # *.=warn;*.=err /var/log/warn *.crit /var/log/warn
# # save the rest in one file # *.*;mail.none;news.none -/var/log/messages
# # enable this, if you want to keep all messages # in one file #*.* -/var/log/allmessages
# # Some foreign boot scripts require local7 # local0,local1.* -/var/log/localmessages local2,local3.* -/var/log/localmessages local4,local5.* -/var/log/localmessages local6,local7.* -/var/log/localmessages
kern.* /var/log/firewall
# # personal configuration #
authpriv.* /var/log/syslog cron.* /var/log/cronlog daemon.warn /var/log/warn syslog.* -/var/log/syslog.log user.*;user.!warn -/var/log/userlog user.warn /var/log/userlog.warn
----- cronlog -----
Nov 12 12:59:00 proxy /USR/SBIN/CRON[5079]: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly)
Nov 12 13:15:00 proxy /USR/SBIN/CRON[5129]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 13:30:00 proxy /USR/SBIN/CRON[5188]: (root) CMD (/sbin/proc2 2> /dev/null)
Nov 12 13:30:00 proxy /USR/SBIN/CRON[5191]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 13:45:00 proxy /USR/SBIN/CRON[5241]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 13:59:00 proxy /USR/SBIN/CRON[5285]: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly)
Nov 12 14:15:01 proxy /USR/SBIN/CRON[5331]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
----- messages -----
Nov 12 12:59:00 proxy /USR/SBIN/CRON[5079]: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly)
Nov 12 13:15:00 proxy /USR/SBIN/CRON[5129]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 13:29:30 proxy -- MARK --
Nov 12 13:30:00 proxy /USR/SBIN/CRON[5188]: (root) CMD (/sbin/proc2 2> /dev/null)
Nov 12 13:30:00 proxy /USR/SBIN/CRON[5191]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 13:45:00 proxy /USR/SBIN/CRON[5241]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 13:59:00 proxy /USR/SBIN/CRON[5285]: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly)
Nov 12 14:09:30 proxy -- MARK --
Nov 12 14:15:01 proxy /USR/SBIN/CRON[5331]: (root) CMD (/sbin/proc1 >> /home/admin/report.txt 2> /dev/null)
Nov 12 14:21:52 proxy kernel: Kernel logging (proc) stopped.
Nov 12 14:21:52 proxy kernel: Kernel log daemon terminating.
Nov 12 14:21:53 proxy exiting on signal 15
Nov 12 14:21:54 proxy syslogd 1.3-3: restart.
Nov 12 14:21:57 proxy kernel: klogd 1.3-3, log source = /proc/kmsg started.
Nov 12 14:21:57 proxy kernel: Inspecting /boot/System.map-2.4.4-64GB-SMP
Nov 12 14:21:57 proxy kernel: Loaded 11112 symbols from /boot/System.map-2.4.4-64GB-SMP.
Nov 12 14:21:57 proxy kernel: Symbols match kernel version 2.4.4.
Nov 12 14:21:57 proxy kernel: Loaded 326 symbols from 4 modules.
Nov 12 14:41:54 proxy -- MARK --
Nov 12 15:01:54 proxy -- MARK --
Nov 12 15:41:54 proxy -- MARK --
Nov 12 16:01:54 proxy -- MARK --
Nov 12 16:21:54 proxy -- MARK --
... and so on
Nov 13 00:15:11 proxy su: (to nobody) root on none
Nov 13 00:15:11 proxy PAM-unix2[7419]: session started for user nobody, service su
Nov 13 00:20:14 proxy PAM-unix2[7419]: session finished for user nobody, service su
Nov 13 00:41:54 proxy -- MARK --
Nov 13 01:01:54 proxy -- MARK --
Nov 13 01:21:54 proxy -- MARK --
...
Nov 14 00:15:13 proxy su: (to nobody) root on none
Nov 14 00:15:13 proxy PAM-unix2[11521]: session started for user nobody, service su
Nov 14 00:20:47 proxy PAM-unix2[11521]: session finished for user nobody, service su
Nov 14 00:41:54 proxy -- MARK --
Nov 14 01:01:54 proxy -- MARK --
Nov 14 01:21:54 proxy -- MARK --
...
_________________________________________________________________ MSN. Más Útil Cada Día http://www.msn.es/intmap/
- : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
