Questions tagged [syslogd]
The syslogd tag has no summary.
26 questions
0 votes
1 answer
2k views
Ubuntu 20.04: trying to get syslog-ng and rsyslog to co-exist with systemd
I am stuck with rsyslog running in a corporate straight jacket. The config is completely set. I need to run a service to relay logs from a variety of sources and I use syslog-ng for this. I have this ...
- 313
0 votes
0 answers
506 views
RSyslogd is sending multiples CEF messages in the same Syslog message
There is a Python script sending multiple events to a remote host with Rsyslogd: CEF:0|Test|SIEMintegration|1|1|Normal|0| fileId=767000670128771115 CEF:0|Test|SIEMintegration|1|1|Normal|0| fileId=...
- 174
1 vote
0 answers
139 views
Large number of kernel messages 'testing the buffer'
My syslog shows hundreds of successive messages: ... Jun 4 09:18:21 www kernel: [55101.038066] testing the buffer Jun 4 09:18:21 www kernel: [55101.038181] testing the buffer Jun 4 09:18:21 www ...
- 121
1 vote
1 answer
4k views
remote logging using syslogd - Ubuntu 18.04.2 LTS - just will not send
so, playing with centralized logging and i just cannot get syslogd to send the messages to a remote syslog server. background: syslog server is setup and working, tested with other devices sending ...
- 30
2 votes
1 answer
4k views
How to restart rsyslog on alpine?
In my alpine 3.1..5 linux docker container, I installed rsyslog as: # apk add --no-cache rsyslog I am running rsyslogd as: # rm -f /var/run/rsyslogd.pid # rsyslogd How do I restart rsyslogd without ...
- 179
0 votes
0 answers
663 views
is there any way to filter in syslog (not rsyslog) such as programname?
I need to add filter in my syslogs. I know how to do in rsyslogs. But we need to add same logs in syslogs as well in legacy systems.Is there any way to do it? Corresponding rsyslog entries are: :msg,...
- 101
0 votes
1 answer
956 views
.resyslogd process is using 200% cpu [duplicate]
First of all, a disclamer, I am not a sys admin, I was just asked to check why a VM of ours is using a lot of the cpu. It turns out that this process is running for ever on 200% $top PID ...
- 131
4 votes
2 answers
3k views
Rewriting facility/severity in rsyslog v7 before shipping off to a remote collector
I have a machine "A" with a local rsyslogd, and a remote collector machine "B" elsewhere listening with its own syslog daemon and log processing engine. It all works great...except that there is one ...
- 139
0 votes
1 answer
3k views
syslogd to Remote Server with Template
All over the web I find examples for either (1) rsyslog to a remote server or (2) rsyslog with templates, but never both. When I have this /etc/rsyslog.conf on my Mac it sends to the remote server ...
- 420
1 vote
3 answers
1k views
syslogd no such file or directory - OpenBSD 3.9
OK - long story short: I have OpenBSD box that was setup as a network appliance (long time ago) I have returned to life. Several errors I am working on and could use any help I can get. Errors on ...
- 501
1 vote
0 answers
414 views
Why does syslog create a user.log instead using syslog.log?
I have experienced something a bit weird for me. I have filebeat monitoring my rsyslog (syslog.log) file and sending it to my logstash. I have noticed that after restarting filebeat where syslog is ...
- 193
0 votes
0 answers
811 views
Why corrupted rc.sysinit file create syslogd error
During boot the system hangs, and the last message while it hangs is: Starting system logger: Can't open or create /var/run/syslogd.pid. Can't write pid. After a while I discovered that /etc/init/rc....
- 123
0 votes
1 answer
4k views
Disabling syslogd messages
As I am working with the terminal, I see a lot of messages every some seconds saying that Message from syslogd@compute-0-0 at Jul 24 18:38:57 ... kernel:[ 723.595032] [Hardware Error]: ...
- 1,132
0 votes
1 answer
684 views
How to supress specific message in syslogd 1.4.1
Is there any way to suppress specific message in syslogd? I have couple of Linux Oracle 5.10 servers with syslogd 1.4.1 As all my servers are production servers - I can't upgrade syslogd to rsyslogd (...
- 3
4 votes
2 answers
3k views
Properly Configured Rsyslog on CentOS
I'm trying to configure Rsyslog 5.8.10 on CentOS 6.4 to send Apache's error and access logs to a remote server. It's working, but I have a couple questions. UPDATE: A, B and C are the only ones ...
- 1,975
2 votes
2 answers
2k views
syslogd filtering not working on FreeBSD
I am failing to get filtering by program or facility working in FreeBSD syslogd. I added local6.debug /var/log/test.log !testd *.debug /var/log/test.log to my /etc/syslog....
- 165
7 votes
2 answers
60k views
How to check syslog.d is running
My syslog is running correctly but out of curiosity how to check that syslog daemon is running. Is there anyway I could check the status like apache root@server1:/etc# /etc/init.d/apache2 status ...
- 429
0 votes
1 answer
3k views
Configuring 'audit' facility in syslog-ng on solaris server?
This is a follow-up to this question. mghocke was kind enough to help me out with that question, but this is really a separate question, therefor a new post. I really don't know a lot about syslog, ...
- 241
2 votes
1 answer
2k views
Moving from syslog.conf to syslogng.conf
I'm moving a Solaris box from syslogd to syslog-ng, because the Solaris version of syslogd obliterates the original source hostname on the logs. I'm looking through the syslogng.conf documentation, ...
- 241
1 vote
2 answers
4k views
Remote Logging with syslog
I have two machines running FreeBSD, bsdclient and bsdserver. I am trying to setup remote logging such that bsdclient sends all the logs to bsdserver. My syslog.conf on bsdclient goes like this *.* ...
- 115
2 votes
1 answer
8k views
Redirect all messages from dhcpd to its own log file?
I'd like to redirect all messages from dhcpd to their own log file, rather than having them appear in /var/log/messages. Here is the configuration on /etc/syslog.conf: !dhcpd *.* ...
- 143
0 votes
2 answers
377 views
OS X Server 10.4 postfix qmngr is suddenly using tons of resources
I have an Apple XServe G5, running 10.4 server, that I use primarily for my (small) companies website and internal email. Usually, the processor usage hovers around 5-10% total. As I have a rather ...
- 287
0 votes
1 answer
1k views
Syslog buffering
I have a large number of "client" machines (Mac Minis running OS X 10.6.3) that need to send data to a central server, also running OS X, so I am using remote syslogging to accomplish this. My ...
- 583
2 votes
2 answers
28k views
How can I force syslog traffic to use TCP instead of UDP?
Centos 5.x I'd like to have my syslog traffic use TCP instead of UDP. Does the stock syslog daemon for CentOS support this? If so, where would I set that option? -M
- 12.3k
0 votes
3 answers
6k views
Remote logging with Syslogd, can I change the hostname?
I am running ddwrt v24-sp2 on three WRT54GL routers. These routers all send their syslog information to the same remote server using syslogd The problem is that in the logs the hostname will change ...
- 358
1 vote
3 answers
8k views
syslogd: Logfile format (not configuration format)
I'd like to parse logfiles. Is the logfile format of syslogd the same for all systems? On my system (Debian Lenny), it's: Mar 7 04:22:40 my-host-name ... (I'm not much interested in the ... part) ...
- 4,422