10-09-2008
I think the last line of the server conf file is redundant. You don't need this. Another thing: you can add the flag(final); statement to each of the log entries so that no log will be stored more than once if it matches multiple filters.
Thanks
10 More Discussions You Might Find Interesting
1. Red Hat
Hi all
I have a RedHat Linux AS2.1 server that keep crashing/rebooting and there are no messages in the /var/log/messages file pointing to any problems. I had a look at the /etc/syslog.conf file to see what gets logged to /var/log/messages, but I don't know what else to add. Can anyone tell me... (1 Reply)
Discussion started by: soliberus
1 Replies
2. Linux
Hi everybody,
i have a little problem...
I have two server srv01 and srv02.
srv02 have a syslogd server onboard and listen on 515... not on 514 (it's busy).
How i configure the syslog.conf of srv01 for send logs on srv02:515 ???
Now i have on srv01:
*.* @srv02
if i write:
*.* ... (0 Replies)
Discussion started by: Zio Bill
0 Replies
3. UNIX for Dummies Questions & Answers
Hi,
We had a hardware problem at work and none of the kernel problems outputted to the log file, just the screen. How can I configure the syslogd.conf file to record kernel events (ie hardware problems) to /dev/console and/var/log/messages. Can I just put:
/dev/console /var/log/messages on... (5 Replies)
Discussion started by: mojoman
5 Replies
4. Solaris
Hi Everyone,
I just wanted to know about the below entry in syslog.conf in Solaris 10:
kern.notice @destserver
Now the log will be redirected to destserver. But I want to know the location on the destserver where this log will be thrown.
Thanks in Advance,
Deepak (4 Replies)
Discussion started by: naw_deepak
4 Replies
5. UNIX for Advanced & Expert Users
I have a RHEL box that I want to be the loghost for all of the other systems on my network and have set up a /logs partitions to hold all of the logs. I've also created a file called current.log that will contain daily logs and created it using the following command: cp /dev/null current.log. ... (4 Replies)
Discussion started by: goose25
4 Replies
6. Shell Programming and Scripting
How can i configure messages with warn priority to be logged in /var/log/mywarnings.log ? (1 Reply)
Discussion started by: g0dlik3
1 Replies
7. Solaris
I would like to configure the syslog.conf to have a good monitoring information about my system.
do you have any idea about best configuration from your experience in your Data Centers
BR, (5 Replies)
Discussion started by: maxim42
5 Replies
8. Red Hat
Hi,
I would like to configure syslog linux client, syslog server is windows server.
so adding on linux client in /etc/syslog.conf @hostname will work in the place of directory location.
example of /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up... (2 Replies)
Discussion started by: manoj.solaris
2 Replies
9. BSD
I'm trying to get all ipfw logs going to ipfw.log I've managed that, but ipfw.log is also getting stuff that shows up in system.log
!-ipfw
*.notice;authpriv,remoteauth,ftp,install,internal.none /var/log/system.log
kern.* /var/log/kernel.log... (5 Replies)
Discussion started by: jnojr
5 Replies
10. Solaris
Hi Community
Which are the available entries to forward syslog in syslog.conf
i have put
*.err;kern.debug;daemon.notice;mail.crit;user.alert;user.emerg;kern.notice;auth.notice;kern.warning @172.16.200.50
and it's not going through.giving error message like below:
syslogd:... (2 Replies)
Discussion started by: bentech4u
2 Replies
LEARN ABOUT DEBIAN
mergelogs
MERGELOGS(1) General Commands Manual MERGELOGS(1)
NAME
mergelogs - merge and consolidate web server logs
SYNOPSIS
mergelogs -p penlog [-c] [-d] [-j jitter] [-t seconds] server1:logfile1 [server2:logfile2 ...]
EXAMPLES
mergelogs -p pen.log 10.0.0.1:access_log.1 10.0.0.2:access_log.2
mergelogs -p pen.log 10.0.18.6:access_log-10.0.18.6 10.0.18.8:access_log-10.0.18.8
DESCRIPTION
When pen is used to load balance web servers, the web server log file lists all accesses as coming from the host running pen. This makes it
more difficult to analyze the log file.
To solve this, pen creates its own log file, which contains the real client address, the time of the access, the target server address and
the first few bytes of the requests.
Mergelogs reads pen's log file and the log files of all load balanced web servers, compares each entry and creates a combined log file that
looks as if the web server cluster were a single physical server. Client addresses are replaced with the real client addresses.
In the event that no matching client address can be found in the pen log, the server address is used instead. This should never happen, and
is meant as a debugging tool. A large number of these indicates that the server system date needs to be set, or that the jitter value is
too small.
You probably don't want to use this program. Penlog is a much more elegant and functional solution.
OPTIONS
-c Do not cache pen log entries. The use of this option is not recommended, as it will make mergelogs search the entire pen log for
every line in the web server logs.
-d Debugging (repeat for more).
-p penlog
Log file from pen.
-j jitter
Jitter in seconds (default 600). This is the maximum variation in time stamps in the pen and web server log files. A smaller value
will result in a smaller pen log cache and faster processing, at the risk of missed entries.
-t seconds
The difference in seconds between the time on the pen server and UTC. For example, this is 7200 (two hours) in Finland.
server:logfile
Web server address and name of log file.
AUTHOR
Copyright (C) 2001-2003 Ulric Eriksson, <ulric@siag.nu>.
SEE ALSO
pen(1), webresolve(1), penlog(1), penlogd(1)
LOCAL MERGELOGS(1)