12-05-2002
I got hit by a rootkit. The hacker must have shut down the daemon. Is there a way to clean out the system from the SK rootkit? Please let me know! I know a re-install is suggested but this is the second time this is happening and I want to find a way to tackle this with the minimum downtime!!
I am running redhat linux 7.0.
Please advise...
thanks
KS
logger(1) User Commands logger(1)
NAME
logger - add entries to the system log
SYNOPSIS
logger [-i] [-f file] [-p priority] [-t tag] [message] ...
DESCRIPTION
The logger command provides a method for adding one-line entries to the system log file from the command line. One or more message
arguments can be given on the command line, in which case each is logged immediately. If no message is given, a file can be specified
with -f, in which case each line in the file is logged. If neither is specified, logger reads and logs messages on a line-by-line
basis from the standard input.
OPTIONS
The following options are supported:
-f file        Uses the contents of file as the message to log.
-i             Logs the process ID of the logger process with each line.
-p priority    Enters the message with the specified priority. The message priority can be specified numerically, or as a
               facility.level pair. For example, `-p local3.info' assigns the message priority to the info level in the
               local3 facility. The default priority is user.notice.
-t tag         Marks each line added to the log with the specified tag.
OPERANDS
The following operand is supported:
message        One of the string arguments whose contents are concatenated together, in the order specified, separated by
               single space characters.
EXAMPLES
Example 1: Examples of the logger command
The following example:
example% logger System rebooted
logs the message `System rebooted' to the default priority level notice to be treated by syslogd as are other messages to the facility
user.
The next example:
example% logger -p local0.notice -t HOSTIDM -f /dev/idmc
reads from the file /dev/idmc and logs each line in that file as a message with the tag `HOSTIDM' at priority level notice to be treated by
syslogd as are other messages to the facility local0.
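Relating the command to the question at the top of the page (a syslog daemon that was stopped without anyone noticing), the following added example, which is not part of the original man page or post, sends a uniquely tagged entry through logger and checks that it reaches the log file. The log path, the `syslog-canary` tag, the `LOGGER_CMD` override, and the assumption that syslog.conf routes user.notice to that file are all hypothetical.

```shell
#!/bin/sh
# Added example: liveness check for syslogd using logger(1).
# Assumptions: the log path, the "syslog-canary" tag, and that syslog.conf
# routes the chosen priority to that file. LOGGER_CMD is a hypothetical
# override so a stand-in sender can replace logger when testing offline.
LOGGER_CMD=${LOGGER_CMD:-logger}
_canary_n=0

# syslog_canary LOGFILE [PRIORITY] [WAIT_SECONDS]
# Returns 0 if the marker reached LOGFILE, 1 if it never appeared
# (daemon stopped or not writing there), 2 on bad usage or send failure.
syslog_canary() {
    logfile=$1
    priority=${2:-user.notice}   # logger's documented default priority
    wait_s=${3:-5}
    [ -n "$logfile" ] || return 2

    # Unique per call, so an entry left by an earlier run cannot match.
    _canary_n=$((_canary_n + 1))
    marker="canary-$$-$(date +%Y%m%d%H%M%S)-$_canary_n"

    "$LOGGER_CMD" -p "$priority" -t syslog-canary "$marker" || return 2

    # Poll, since syslogd may take a moment to write the entry.
    i=0
    while [ "$i" -le "$wait_s" ]; do
        if grep -F -- "$marker" "$logfile" >/dev/null 2>&1; then
            return 0
        fi
        i=$((i + 1))
        if [ "$i" -le "$wait_s" ]; then sleep 1; fi
    done
    return 1
}

# Stand-alone use: sh canary.sh --run [LOGFILE]
if [ "${1:-}" = "--run" ]; then
    if syslog_canary "${2:-/var/log/messages}"; then
        echo "syslogd delivered the canary entry"
    else
        echo "canary entry missing: syslogd may be stopped" >&2
        exit 1
    fi
fi
```

A passing check shows only that entries are being delivered to that file; it says nothing about the integrity of the host or of the log contents.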
ENVIRONMENT VARIABLES
See environ(5) for descriptions of the following environment variables that affect the execution of logger: LANG, LC_ALL, LC_CTYPE,
LC_MESSAGES, and NLSPATH.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
>0 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
|Interface Stability |Standard |
+-----------------------------+-----------------------------+
SEE ALSO
mailx(1), write(1), syslogd(1M), syslog(3C), attributes(5), environ(5), standards(5)
SunOS 5.10 1 Feb 1995 logger(1)