logging

  1. ilya-shmel

    Add usermod, passwd and pkg events to syslog(-ng)

    Hello! I work with FreeBSD 13.2-RELEASE amd64 and send logs to a log-collector server (Debian 10 Buster). There's syslog-ng that have the config. Here's some additional lines to send logs to the remote server: 161 #log { source(src); destination(loghost); }; 162 destination lc_net {...
  2. ilya-shmel

    Where're audit logs in FreeBSD?

    Hello! I've set up the auditd service in FreeBSD 13.2-RELEASE amd64. in rc.conf auditd_enable="YES" in /etc/security/audit_control 4 dir:/var/audit 5 dist:off 6 flags:lo,aa,ad,ap,ex,fa,fm,pc 7 minfree:5 8 naflags:lo,aa 9 policy:cnt,argv 10 filesz:100M 11 expire-after:10000M...
  3. Sergei_Shablovsky

    BSD-based fw/router: ZFS on SSD RAID10 efficiency

    Hi FreeBSD Gurus! In case using bsd-based bare metal rack server as a gate fw/router: 1. How effectively would be using ZFS (in comparison to GPT, etc) file system in hardware RAID10 (4 of SSD TLC/MLC drives) ? 2. Is separating of /var, /tmp (also may be /usr) to another disk's logical volume...
  4. Buck

    What happens to a process when it can't keep up with writing logs?

    Consider the following scenario: I placed httpd logs on a very slow device, yet the rest of the system is quite fast. And I start serving lots of pages, very fast, where the log partition just can't keep up, i.e. serving a page completes in way less time than writing a single log entry. What...
  5. J

    Solved Log file rotation by size and time

    Logfile rotation, which is handled by newsyslog, can be done based on 1) max size of file, 2) at certain time. My questions is: how does it work when both the conditions are specified? I'd expect it'll rotate when any one condition is met. Is that correct? But for example, in my newsyslog.conf...
  6. C

    Logging for process swap in/out....

    I had a virtual machine with limited RAM(4GB RAM+4GB swap partition,and 90M swap used). When I connect to it,some service might suffer tremendous lag for initial response(about 7-8sec). But once I got initial response,the following activity seems just fine. So I suspect that some process had...
  7. S

    Log Data Format

    I am trying to write a highly customized script in Python2.7 in order to persist some specific logging data. I have been using syslog-ng for a long time to that end, but I believe (and hope) that a simple Python script will handle things faster and will save me the hassle of installing and...
  8. goshanecr

    What web interface for sysutils/rsyslog8 exist in ports?

    Good day! I have a FreeBSD 11.1 + Rsyslog + MySQL installation. And I need a web interface for log view. But almost all manuals suggests loganalyser for this. But it doesn't exist in ports. Maybe deleted some time ago? So what software I can use for centralize log view through web interface?
  9. poorandunlucky

    Solved How to use syslog to log maintenance scripts' activity?

    Hey, would anyone be able to tell me how I could use syslog to log stuff I do in my management scripts? Like I'd like to start writing scripts to automate some of the system's maintenance, but one of the things that's stopping me, I think, is that I don't really have an easy way to log what's...
  10. Josh Rea

    Solved Shell Scripting Output to File and Screen

    Hello all, I wrote a script to direct all output to a log file, but I'd like to echo certain things during the process of the script to screen output if I can. I haven't been able to find anything related to this searching online, and the man page for sh is cryptic for me (as of now). Sample of...
  11. amity88

    Solved Auditing: How to log "permission denied" events?

    Hi guys, I'm looking for a way to record events when an user tries to access or execute a command/file that he doesn't have permissions to. So far, it seems like auditd is the way to go but I just can't get the configuration right. I've tried using ex,pc and na classes but...
  12. S

    syslog config for sftp logging

    I'm on FreeBSD11. I changed syslog config file to log sftp actions in a file, but it doesn't work. /etc/ssh/sshd_config Subsystem sftp /usr/libexec/sftp-server -f LOCAL5 -l INFO /etc/syslog.conf local5.info /var/log/sftp/sftp.log Then I...
  13. Nyantastic

    Prevent core dumps from going to kernel log messages

    How can I prevent core dumps of user programs from going to kernel log messages? At the moment if I am programming and happen to make the common error of segmentation fault, it ends up getting emailed to root like this: kernel log messages: +pid 75441 (ds2-test), uid 1001: exited on signal 11...
  14. G

    OpenJDK8 logs

    Hallo everybody. I'm having problems to use a third software (the installation is completely correct). To continue developing that software, first of all, I'd like to see the logs of OpenJDK. By default, they are not configured; I've tried to find a way to configure them, but I didn't find...
  15. Charlie Root

    Solved auth.log for new user is created

    Hi, Can someone help to know how to log the action create new user by adduser command to /var/log/auth.log file? Thank for your help!
  16. A

    isc-dhcpd logging

    Hey everyone, I faced an issue with dhcpd logging. Configured logging: gw# less /usr/local/etc/dhcpd.conf | grep log log-facility local7; gw# less /etc/rc.conf | grep dhcpd dhcpd_enable="YES" dhcpd_ifaces="em3" gw# cat /etc/syslog.conf | grep dhcpd !dhcpd *.*...
  17. J

    PF I can't log the blocked packets

    I'm trying to set up a pf firewall. I'd like to log all the dropped packets. Here's my pf.conf so far: tcp_internet_out="{53, 80, 443, 123}" udp_internet_out="{53}" block log all pass in quick on lo0 pass out quick on lo0 pass in quick on re0 inet proto tcp from any to (re0) port 22 pass out...
Back
Top