Full Discussion: Controlling logfiles
Post 25940 by binhnx2000 on Thursday 8th of August 2002 12:11:40 AM

All log files are configured in /etc/syslog.conf ==> You can view and edit it. If you want to control a log file:

- Add
- Del
- Stop
....
 

sealert(8)                                                          sealert(8)

NAME
       sealert - setroubleshoot client tool

SYNOPSIS
       sealert [-b] [-f local_id] [-h] [-s] [-S] [-l id] [-a file] [-u] [-p] [-P plugin_name]

DESCRIPTION
       This manual page describes the sealert program. sealert is the user interface component (either GUI or command line) to the setroubleshoot system. setroubleshoot is used to diagnose SELinux denials and attempts to provide user-friendly explanations for an SELinux denial (e.g. AVC) and recommendations for how one might adjust the system to prevent the denial in the future.

       In a standard configuration setroubleshoot is composed of two components, setroubleshootd and sealert.

       setroubleshootd is a system daemon which runs with root privileges and listens for audit events emitted from the kernel related to SELinux. The audit daemon must be running. The audit daemon sends a dbus message to the setroubleshootd daemon when the system gets an SELinux AVC denial. The setroubleshootd daemon then runs a series of analysis plugins which examine the audit data related to the AVC. It records the results of the analysis and signals any clients which have attached to the setroubleshootd daemon that a new alert has been seen.

       sealert can be run in either a GUI mode or a command line mode. In both instances sealert runs as a user process with the privileges associated with the user.

       In GUI mode it attaches to a setroubleshootd server instance and listens for notifications of new alerts. When a new alert arrives it alerts the desktop user via a notification in the status icon area. The user may then click on the alert notification, which will open an alert browser. In addition to the current alert, sealert communicates with the setroubleshootd daemon to access all prior alerts stored in the setroubleshoot database.

       The user may elect to tag any given alert as "ignore" in the browser, which prevents any future notification for the given alert. This is useful when a user is already aware of a recurring problem.

       sealert may also be run in command line mode. The two most useful command line options are -l to "lookup" an alert ID and -a to "analyze" a log file.

       When setroubleshootd generates a new alert it assigns it a local ID and writes this as a syslog message. The -l lookup option may then be used to retrieve the alert from the setroubleshootd alert database and write it to stdout. This is most useful when setroubleshootd is being run on a headless system without the GUI desktop alert facility.

       The -a analyze option is equivalent to the "Scan Logfile" command in the browser. The log file is scanned for audit messages, analysis is performed, alerts are generated, and then written to stdout.

LOG FILE SCANNING
       You may ask sealert to parse a file, accumulating all the audit messages it finds in that file. As each audit event is recognized it is presented for analysis, which may generate an alert report if the analysis was successful. If the same type of event is seen multiple times resulting in the same report, the results are coalesced into a single report. The report count field will indicate the number of times the tool thought it saw the same issue. The report will also include a list of every line number on which it found an audit record which contributed to the coalesced report. This will allow you to coordinate the contents of the file with the analysis results if need be.

       Log file scanning may be initiated from the sealert browser via the File::ScanLogFile menu or from the command line via 'sealert -a filename'.

       Please note that sealert runs as a user level process with the permissions of the user running it. Many system log files are readable by root only. To work around this, if you have root access you can copy the file as root to a temporary file and change its permissions. This is a good solution when scanning via the GUI as a normal user. Or you might consider su'ing to root and running the analysis via the command line (e.g. sealert -a filename).

       The audit records in the log file must be valid, syntactically correct audit messages or the parser will ignore them.

OPTIONS
       -b --browser          Launch the browser
       -f --fix              Execute the fix command for the avc with the given uuid and plugin, requires --plugin option.
       -h --help             Show this message
       -s --service          Start sealert service, usually used by dbus.
       -S --noservice        Start sealert without dbus service as stand alone app
       -l --lookupid id      Lookup alert by id, if id is wildcard * then return all alerts
       -a --analyze file     Scan a log file, analyze its AVC's
       -u --user             logon as user
       -p --password         set user password
       -P --plugin           Set plugin name associated with the --fix option

AUTHOR
       This man page was written by John Dennis <jdennis@redhat.com> and Dan Walsh <dwalsh@redhat.com>.

SEE ALSO
       selinux(8),

20061121                                                            sealert(8)
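
The coalescing behaviour described under LOG FILE SCANNING, sketched as an added example (not sealert's own code, which runs analysis plugins): repeated AVC denials are merged into one report with a count and the contributing line numbers, and malformed records are ignored. The grouping key, the names coalesce_avc, context_type and SAMPLE_LOG, and the sample log lines are assumptions made for illustration.

```python
import re

# Fields of one SELinux AVC denial record as written to audit.log.
AVC_RE = re.compile(
    r'type=AVC msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): avc:\s+denied\s+'
    r'\{ (?P<perms>[^}]+) \} for\s+.*?comm="(?P<comm>[^"]+)".*?'
    r'scontext=(?P<scontext>\S+) tcontext=(?P<tcontext>\S+) tclass=(?P<tclass>\S+)'
)

def context_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context

def coalesce_avc(lines):
    """Group AVC denials that describe the same issue.

    Returns a dict (in first-seen order): key -> {"count": n, "lines": [...]}.
    Records that do not parse as a complete AVC denial are ignored.
    """
    reports = {}
    for lineno, line in enumerate(lines, start=1):
        m = AVC_RE.search(line)
        if m is None:
            continue
        key = (  # assumed notion of "same issue": who, on what, which access
            m["comm"], context_type(m["scontext"]), context_type(m["tcontext"]),
            m["tclass"], tuple(sorted(m["perms"].split())),
        )
        entry = reports.setdefault(key, {"count": 0, "lines": []})
        entry["count"] += 1
        entry["lines"].append(lineno)
    return reports

# Constructed sample log (not taken from a real system).
SAMPLE_LOG = """\
type=AVC msg=audit(1364481363.243:24): avc:  denied  { read } for  pid=2101 comm="httpd" name="index.html" dev="dm-0" ino=7321 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1364481363.243:24): arch=c000003e syscall=2 success=no exit=-13 comm="httpd"
type=AVC msg=audit(1364481399.101:31): avc:  denied  { read } for  pid=2102 comm="httpd" name="about.html" dev="dm-0" ino=7322 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1364481401.559:33): avc:  denied  { name_bind } for  pid=2250 comm="sshd" src=2222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(truncated
"""

if __name__ == "__main__":
    for key, rep in coalesce_avc(SAMPLE_LOG.splitlines()).items():
        print(rep["count"], rep["lines"], key)
```

The line numbers in each report let you jump back to the raw records in the log, which is the cross-referencing the man page describes.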