01-16-2008
messages and syslog files not being created
Guys,
I have a problem whereby my /var/adm/messages and /var/log/syslog are not being generated.
A few months ago this server ran out of inodes and from there it started. I was able to bring down the inode count, but the generation of the above-mentioned files still did not happen as normal.
I have checked some files like: /etc/logadm.conf
#
/var/log/syslog -C 8 -P 'Thu Aug 16 09:10:00 2007' -a 'kill -HUP `cat /var/run/syslog.pid`'
/var/adm/messages -C 4 -P 'Wed Aug 15 09:10:00 2007' -a 'kill -HUP `cat /var/run/syslog.pid`'
/var/cron/log -P 'Mon Jan 14 09:10:00 2008' -c -s 512k -t /var/cron/olog
/var/lp/logs/lpsched -C 2 -N -t '$file.$N'
#
# The entry below is used by turnacct(1M)
#
/var/adm/pacct -C 0 -N -a '/usr/lib/acct/accton pacct' -g adm -m 664 -o adm -p never
and /etc/syslog.conf
#ident "@(#)syslog.conf 1.5 98/12/14 SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
#mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost)
mail.debug /var/log/syslog
local4.debug /var/log/ldap
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
ifdef(`LOGHOST', ,
user.err /dev/sysmsg
user.err /var/adm/messages
user.alert `root, operator'
user.emerg *
)
and my cron file:
#
10 3 * * * /usr/sbin/logadm
10 3 * * 0,4 /etc/cron.d/logchecker
10 3 * * 0 /usr/lib/newsyslog
15 3 * * 0 /usr/lib/fs/nfs/nfsfind
1 2 * * * [ -x /usr/sbin/rtc ] && /usr/sbin/rtc -c > /dev/null 2>&1
30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean
#10 3 * * * /usr/lib/krb5/kprop_script ___slave_kdcs___
Could anyone help PLEASE
I need to get my logs going!
Jair Guerra
Belize Central America
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello,
my linux box is, for some reason, creating two files when I creat one. For example, if I create a file via the VI editor called TestFile, the box will create:
TestFile
TestFile~
Does anyone have any ideas as to why I'm getting that second file with the ~ at the end of it?
... (1 Reply)
Discussion started by: Atama
1 Replies
2. UNIX for Dummies Questions & Answers
Any simple 1 liners to check a directory to see if a file was created within the last 10 mins? (5 Replies)
Discussion started by: frustrated1
5 Replies
3. UNIX for Dummies Questions & Answers
How i get the all the files created by particular user?? (2 Replies)
Discussion started by: Anshu
2 Replies
4. Shell Programming and Scripting
I need a script which list the files which is starting with the word heap*** and that is created before past 24 hours.I need the script using find command. please help me on this. (1 Reply)
Discussion started by: jayaramanit
1 Replies
5. UNIX for Advanced & Expert Users
Hi,
Within a SQL file i am calling 5 shell scripts in back ground and redirecting their outputs to different log files in a specific directory.
Now when I observed is, the log files are created with different permissions even though i did not do any thing specific.
For example in... (2 Replies)
Discussion started by: steria_learner
2 Replies
6. Shell Programming and Scripting
Hello. I have a scripting query that I am stumped on which I hope you can help with.
Basically, I have a ksh script that calls a process to create n number of binary files. These files have a maximum size of 1Gb. The process can write n number of files at once (parallel operation) based on the... (4 Replies)
Discussion started by: eisenhorn
4 Replies
7. Shell Programming and Scripting
solaris 8 and solaris 10
c shell
I have a /local/tmp/ directory that is cleared out every day and files are created in it all day long from 0000 - 2359 (24 hour clock) A new file is created in this directory every couple of minutes.
I want a script "rrtime" that takes two arguments hhmm1 and... (4 Replies)
Discussion started by: ajp7701
4 Replies
8. Shell Programming and Scripting
Hello experts,
I used following approach to get listing of all files of remote server.
Now I have remote server file information on same server.
I am getting listing in the output.txt
I want to count today's created files and old files.
I want to compare the numbers... (11 Replies)
Discussion started by: dipeshvshah
11 Replies
9. Shell Programming and Scripting
Is it possible in an ftp script to get remote files based on whether they have been created in the last 30 minutes? (5 Replies)
Discussion started by: gefa
5 Replies
10. Shell Programming and Scripting
Hi,
I want to display the file names and the record count for the files in the 2nd column for the files created today.
i have written the below command which is listing the file names. but while piping the above command to the wc -l command
its not working for me.
ls -l... (5 Replies)
Discussion started by: Showdown
5 Replies
LEARN ABOUT CENTOS
systemd-journald.socket
SYSTEMD-JOURNALD.SERVICE(8) systemd-journald.service SYSTEMD-JOURNALD.SERVICE(8)
NAME
systemd-journald.service, systemd-journald.socket, systemd-journald - Journal service
SYNOPSIS
systemd-journald.service
systemd-journald.socket
/usr/lib/systemd/systemd-journald
DESCRIPTION
systemd-journald is a system service that collects and stores logging data. It creates and maintains structured, indexed journals based on
logging information that is received from the kernel, from user processes via the libc syslog(3) call, from STDOUT/STDERR of system
services or via its native API. It will implicitly collect numerous meta data fields for each log messages in a secure and unfakeable way.
See systemd.journal-fields(7) for more information about the collected meta data.
Log data collected by the journal is primarily text-based but can also include binary data where necessary. All objects stored in the
journal can be up to 2^64-1 bytes in size.
By default, the journal stores log data in /run/log/journal/. Since /run/ is volatile, log data is lost at reboot. To make the data
persistent, it is sufficient to create /var/log/journal/ where systemd-journald will then store the data.
systemd-journald will forward all received log messages to the AF_UNIXSOCK_DGRAM socket /run/systemd/journal/syslog, if it exists, which
may be used by Unix syslog daemons to process the data further.
See journald.conf(5) for information about the configuration of this service.
SIGNALS
SIGUSR1
Request that journal data from /run/ is flushed to /var/ in order to make it persistent (if this is enabled). This must be used after
/var/ is mounted, as otherwise log data from /run is never flushed to /var regardless of the configuration.
SIGUSR2
Request immediate rotation of the journal files.
KERNEL COMMAND LINE
A few configuration parameters from journald.conf may be overridden on the kernel command line:
systemd.journald.forward_to_syslog=, systemd.journald.forward_to_kmsg=, systemd.journald.forward_to_console=
Enables/disables forwarding of collected log messages to syslog, the kernel log buffer or the system console.
See journald.conf(5) for information about these settings.
ACCESS CONTROL
Journal files are, by default, owned and readable by the "systemd-journal" system group but are not writable. Adding a user to this group
thus enables her/him to read the journal files.
By default, each logged in user will get her/his own set of journal files in /var/log/journal/. These files will not be owned by the user,
however, in order to avoid that the user can write to them directly. Instead, file system ACLs are used to ensure the user gets read access
only.
Additional users and groups may be granted access to journal files via file system access control lists (ACL). Distributions and
administrators may choose to grant read access to all members of the "wheel" and "adm" system groups with a command such as the following:
# setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/
Note that this command will update the ACLs both for existing journal files and for future journal files created in the /var/log/journal/
directory.
FILES
/etc/systemd/journald.conf
Configure systemd-journald behaviour. See journald.conf(5).
/run/log/journal/machine-id/*.journal, /run/log/journal/machine-id/*.journal~, /var/log/journal/machine-id/*.journal,
/var/log/journal/machine-id/*.journal~
systemd-journald writes entries to files in /run/log/journal/machine-id/ or /var/log/journal/machine-id/ with the ".journal" suffix. If
the daemon is stopped uncleanly, or if the files are found to be corrupted, they are renamed using the ".journal~" suffix, and
systemd-journald starts writing to a new file. /run is used when /var/log/journal is not available, or when Storage=volatile is set in
the journald.conf(5) configuration file.
SEE ALSO
systemd(1), journalctl(1), journald.conf(5), systemd.journal-fields(7), sd-journal(3), setfacl(1), pydoc systemd.journal.
systemd 208 SYSTEMD-JOURNALD.SERVICE(8)