Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: another time help with syslog-ng
Operating Systems Linux SuSE another time help with syslog-ng Post 302699103 by jackcracker on Tuesday 11th of September 2012 06:19:13 AM
Old 09-11-2012
another time help with syslog-ng
Hi @ all,
there´s another problem which I have with syslog-ng, perhaps somebody have a solution:
We´ve a server which sent his messages-log to another Server - worked well with ... destination logserver ... and so on.
in the /var/log/messages there´s every 5 minutes an entry like this
HTML Code:
...
Sep 10 16:20:01 Servername sshd[25721]: Accepted publickey for user from 123.12.123.123 port 47936 ssh2
...
Because I get rid of these messages I tried to filter it out with syslog-ng.

What I want:
the messages above should be written in a seperate logfile, and the 1-hourly-syslog-status-message from syslog himself
HTML Code:
Sep 11 12:12:26 Servername syslog-ng[18531]: Log statistics; dropped='udp(AF_INET(123.12.123.12:514))=0', processed='ce
nter(queued)=71', processed='center(received)=30', processed='destination(messages)=24', processed='destination(mailinfo)=0
', processed='destination(mailwarn)=0', processed='destination(logserver)=30', processed='destination(localmessages)=0', pr
ocessed='destination(mailerr)=0', processed='destination(newserr)=0', processed='destination(netmgm)=0', processed='destina
tion(warn)=0', processed='destination(console)=0', processed='destination(null)=0', processed='destination(mail)=0', proces
sed='destination(xconsole)=0', processed='destination(firewall)=0', processed='destination(f_publickey)=17', processed='des
tination(acpid)=0', processed='destination(newscrit)=0', processed='destination(newsnotice)=0', processed='source(src)=30'
should be written still in /var/log/messages;
furthermore the Server should sent his messages to a Log-Server but of course without the "publickey" messages, but within the syslog-ng-status-messages
I tried many versions of configuring the syslog-ng.conf but none of them worked well.
Here´re the lines in my syslog-ng.conf:
HTML Code:
...
filter f_messages { not facility(news, mail) and not filter(f_iptables) and not filter("publickey"); };
...
#Filter f_publickey
filter f_publickey { match("publickey"); };
...
# Logfile for publickey-messages
destination publickey { file("/var/log/publickey"); };
log { source(src); filter(f_publickey); destination(publickey); };
but unfortunately it didn´t work -
either the "publickey"-messages will be written together with the syslog-status-message in my defined file or the seperate file keeps empty.

Could anybody told me, where´s my mistake or is there perhaps another solution possible?
Thanks for answers
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How To Provide Time Sync Using Nts-150 Time Server On Unix Network?

can anybody tel lme,how to instal NTS -150 on a unix network,it needs some patch to fetch time frm serve,,?? (2 Replies)
Discussion started by: pesty
2 Replies

2. Shell Programming and Scripting

Merging last and syslog data on time

This is on a HP-UX system. I need to merge the 2 reports, for each line in syslog I need to lookup who was logged in to the pts/# based on the time from the last.txt report. Here is what I get from sulog.log cat syslog | grep "su:" | grep "Jun 14" Jul 14 08:02:48 server1 su: - 2 ... (8 Replies)
Discussion started by: Ikon
8 Replies

3. Shell Programming and Scripting

Convert Epoch Time to Standard Date and Time & Vice Versa

Hi guys, I know that this topic has been discuss numerous times, and I have search the net and this forum for it. However, non able to address the problem I faced so far. I am on Solaris Platform and unable to install additional packages like the GNU date and gawk to make use of their... (5 Replies)
Discussion started by: DrivesMeCrazy
5 Replies

4. UNIX for Dummies Questions & Answers

Extracting a Time Span from Syslog Messages File

Hi all, I need your help to explain how I can extract a time span from the syslog messages file on a Solaris 10 system. Here is an example extract of the syslog messages: Dec 4 11:51:38 hajap141-0107.nls.jlrint.com 267938: Dec 4 11:51:36: %DOT11-6-DISASSOC: Interface Dot11Radio0,... (4 Replies)
Discussion started by: wthomas
4 Replies

5. Solaris

modifying date and time and time zone on solaris 5.10 with (redundant server) veritas

I have a cluster of two Solaris server (veritas cluster). one working and the other is standby I am going to change the date on them , and am looking for a secure solution as it is giving an important service. my opinion is that the active one doesn't need to be restarted (if I don't change the... (1 Reply)
Discussion started by: barry1946
1 Replies

6. Shell Programming and Scripting

Adding time to date time in UNIX shell scipting

I needed some help in adding a duration (in seconds) to a start time (in hhmmss format) and a start date (in mmddyy format) in order to get an end date and end time. The concept of a leap year is also to be considered while incrementing the day. The code/ function that I have formed so far is as... (3 Replies)
Discussion started by: codehelp04
3 Replies

7. Shell Programming and Scripting

Convert UTC time into current UNIX sever time zone

Hi guys thanks for the help for my previous posts.Now i have a requirement that i download a XMl file which has UTC time stamp.I need to convert UTC time into Unix server timezone. For ex if the time zone of unix server is CDT then i need to convert into CDT.whatever may be the system time... (5 Replies)
Discussion started by: mohanalakshmi
5 Replies

8. Programming

Find gaps in time data and replace missing time value and column 2 value by interpolation in awk

Dear all, I am kindly seeking assistance on the following issue. I am working with data that is sampled every 0.05 hours (that is 3 minutes intervals) here is a sample data from the file 5.00000 15.5030 5.05000 15.6680 5.10000 16.0100 5.15000 16.3450 5.20000 16.7120 5.25000... (4 Replies)
Discussion started by: malandisa
4 Replies

9. Shell Programming and Scripting

Calculate Time diff in milli milliseconds(Time format : HH:MM:SS,NNN)

Hi All, I have one file which contains time for request and response. I want to calculate time difference in milliseconds for each line. This file can contain 10K lines. Sample file with 4 lines. for first line. Request Time: 15:23:45,255 Response Time: 15:23:45,258 Time diff... (6 Replies)
Discussion started by: Raza Ali
6 Replies

LEARN ABOUT REDHAT

qdisable

qdisable(8B)								PBS							      qdisable(8B)

NAME

       qdisable - disable input to a pbs destination

SYNOPSIS

       qdisable destination ...

DESCRIPTION

       The  qdisable  command  directs that a destination should no longer accept batch jobs.  If the command is accepted, the destination will no
       longer accept Queue Job requests which specified the disabled queue.  Jobs which already reside in the queue will continue to be processed.
       This allows a queue to be "drained."

       In order to execute qdisable, the user must have PBS Operation or Manager privilege.

OPERANDS

       The qdisable command accepts one or more destination operands.  The operands are one of three forms:
	    queue
	    @server
	    queue@server
       If queue is specified, the request is to disable that queue at the default server.  If the @server form is given, the request is to disable
       all the queues at that server.  If a full destination identifier, queue@server, is given, the request is to disable the named queue at  the
       named server.

STANDARD ERROR

       The qdisable command will write a diagnostic message to standard error for each error occurrence.

EXIT STATUS

       Upon successful processing of all the operands presented to the qdisable command, the exit status will be a value of zero.

       If the qdisable command fails to process any operand, the command exits with a value greater than zero.

SEE ALSO

       pbs_server(8B), qmgr(1B), and qenable(8B)

Local																      qdisable(8B)
All times are GMT -4. The time now is 01:43 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy