Operating Systems Linux SuSE another time help with syslog-ng Post 302699103 by jackcracker on Tuesday 11th of September 2012 06:19:13 AM
another time help with syslog-ng

Hi @ all,
there's another problem I have with syslog-ng; perhaps somebody has a solution:
We have a server which sends its messages log to another server - worked well with ... destination logserver ... and so on.
In /var/log/messages there's an entry like this every 5 minutes:
HTML Code:
...
Sep 10 16:20:01 Servername sshd[25721]: Accepted publickey for user from 123.12.123.123 port 47936 ssh2
...
Because I want to get rid of these messages, I tried to filter them out with syslog-ng.

What I want:
the messages above should be written to a separate logfile, and the hourly syslog status message from syslog itself
HTML Code:
Sep 11 12:12:26 Servername syslog-ng[18531]: Log statistics; dropped='udp(AF_INET(123.12.123.12:514))=0', processed='center(queued)=71', processed='center(received)=30', processed='destination(messages)=24', processed='destination(mailinfo)=0', processed='destination(mailwarn)=0', processed='destination(logserver)=30', processed='destination(localmessages)=0', processed='destination(mailerr)=0', processed='destination(newserr)=0', processed='destination(netmgm)=0', processed='destination(warn)=0', processed='destination(console)=0', processed='destination(null)=0', processed='destination(mail)=0', processed='destination(xconsole)=0', processed='destination(firewall)=0', processed='destination(f_publickey)=17', processed='destination(acpid)=0', processed='destination(newscrit)=0', processed='destination(newsnotice)=0', processed='source(src)=30'
should still be written to /var/log/messages;
furthermore the server should send its messages to a log server, but of course without the "publickey" messages, but with the syslog-ng status messages.
I tried many versions of configuring the syslog-ng.conf but none of them worked well.
Here are the lines in my syslog-ng.conf:
HTML Code:
...
filter f_messages { not facility(news, mail) and not filter(f_iptables) and not filter("publickey"); };
...
#Filter f_publickey
filter f_publickey { match("publickey"); };
...
# Logfile for publickey-messages
destination publickey { file("/var/log/publickey"); };
log { source(src); filter(f_publickey); destination(publickey); };
but unfortunately it didn't work -
either the "publickey" messages are written together with the syslog status message to my defined file, or the separate file stays empty.

Could anybody tell me where my mistake is, or is there perhaps another solution possible?
Thanks for answers
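
One way to get the routing asked for in the post above, as an added example that is not part of the original post or the poster's configuration. It assumes the source `src`, the filter `f_iptables` and the destination `logserver` are already defined as the post implies; the filter name `f_not_publickey` is introduced here.

```conf
# Added example, not the poster's configuration. Assumes source "src",
# filter "f_iptables" and destination "logserver" already exist.

# Match only sshd's login line. A bare match("publickey") also hits the
# syslog-ng "Log statistics" line, because that line prints destination
# names such as destination(f_publickey)=17, which contain the same string.
# On syslog-ng 3.x, message("Accepted publickey") is the message-only form.
filter f_publickey { program("sshd") and match("Accepted publickey"); };

# Reference the filter by the name it was defined with: filter(f_publickey),
# not filter("publickey"), which names a filter that is not defined.
filter f_messages {
    not facility(news, mail)
    and not filter(f_iptables)
    and not filter(f_publickey);
};

# Everything except the sshd publickey lines; the statistics line
# (program "syslog-ng") passes through.
filter f_not_publickey { not filter(f_publickey); };

# Separate local file for the publickey logins.
destination publickey { file("/var/log/publickey"); };
log { source(src); filter(f_publickey); destination(publickey); };

# Forward to the log server without the publickey lines.
log { source(src); filter(f_not_publickey); destination(logserver); };
```

With this routing the accepted-publickey lines never reach the log server, so /var/log/publickey is the only record of those SSH logins and needs the same rotation and retention as the rest of the audit trail.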
 

OPENPAM_LOG(3)            BSD Library Functions Manual            OPENPAM_LOG(3)

NAME
     openpam_log -- log a message through syslog

LIBRARY
     Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS
     #include <sys/types.h>
     #include <security/pam_appl.h>
     #include <security/openpam.h>

     void openpam_log(int level, const char *fmt, ...);

DESCRIPTION
     The openpam_log function logs messages using syslog(3). It is primarily
     intended for internal use by the library and modules.

     The level argument indicates the importance of the message. The
     following levels are defined:

     PAM_LOG_DEBUG    Debugging messages. These messages are logged with a
                      syslog(3) priority of LOG_DEBUG.

     PAM_LOG_VERBOSE  Information about the progress of the authentication
                      process, or other non-essential messages. These
                      messages are logged with a syslog(3) priority of
                      LOG_INFO.

     PAM_LOG_NOTICE   Messages relating to non-fatal errors. These messages
                      are logged with a syslog(3) priority of LOG_NOTICE.

     PAM_LOG_ERROR    Messages relating to serious errors. These messages
                      are logged with a syslog(3) priority of LOG_ERR.

     The remaining arguments are a printf(3) format string and the
     corresponding arguments.

SEE ALSO
     pam(3), printf(3), syslog(3)

STANDARDS
     The openpam_log function is an OpenPAM extension.

AUTHORS
     The openpam_log function and this manual page were developed for the
     FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the
     Security Research Division of Network Associates, Inc. under
     DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA
     CHATS research program.

BSD                            December 21, 2007                            BSD