I have been searching and reading about syslog. I would like to know how to transfer the logs being thrown into /var/log/messages into another file, for example /var/log/volumelog.
tail -f /var/log/messages
dblogger: msg_to_dbrow: no logtype using missing
dblogger: msg_to_dbrow_str: val ==... (2 Replies)
Below is my script to log all the commands input by any user to /var/log/messages. But I can't achieve the desired output that I want. Please see below.
function log2syslog
{
    declare COMMAND
    COMMAND=$(fc -ln -0)
    logger -p local1.notice -t bash -i -- "$USER:$COMMAND"
}
trap... (12 Replies)
Hi
New to Suse - mainly used Solaris.
In Solaris dmesg will also show you contents of messages log file but in Suse Linux it doesn't appear to.
I don't have root access to this Suse server, and wondering is there any other tool / utility that allows me to see the messages file contents like on... (1 Reply)
Am in need of some plugin/script that can monitor HP-UX file "/var/opt/resmon/log/event.log".
Have written a script in sh shell that is working fine for syslog.log and mail.log as having standard format, have interrogated that to Nagios and is working as I required.
But same script failed to... (3 Replies)
How can I view log messages between two time frames from /var/log/message or any type of log files?
When logfiles are very big and especially many messages within a few minutes, I would like to display log messages between 5 minute intervals.
Could you please give me the command? (1 Reply)
Hi all.
I have a strange case on one of my AIX boxes. /var/adm/wtmp on server01 is ~ 400MB large but it only has ~1200 lines. For example on server02 there are ~85000 lines and the file is ~158MB large. I check lines through 'last | wc -l'. But when I check line directly with 'wc -l... (2 Replies)
Hi sirs,
can you tell the difference between /var/log/syslogs and /var/adm/messages?
In my working place I am having two servers.
In one server the messages file is empty and the syslog file is going on increasing,
and in another server the message file is going on increasing but the syslog file is... (2 Replies)
In our operating procedures, if a workstation has a space problem in the /var filesystem, one of the most frequent case we were told is the size of the /var/adm/wtmp file.
Someone once told me it is dangerous to do this. Is it?
I cannot say for certain that whoever wrote that procedure is... (2 Replies)
Hi,
I am using redhat AS 3. Recently, I was asked to implement a security control on the OS: to change ownership of /var/log/wtmp to root:sys and permission to 600. However, when I made the change and rebooted the machine, everything was reverted. How come? Please help.
The following is the... (1 Reply)
UTMP(5) BSD File Formats Manual UTMP(5)
NAME
utmp, wtmp, lastlog -- login records
SYNOPSIS
#include <utmp.h>
DESCRIPTION
The file <utmp.h> declares the structures used to record information about current users in the file utmp, logins and logouts in the file
wtmp, and last logins in the file lastlog. The time stamps of date changes, shutdowns and reboots are also logged in the wtmp file.
The wtmp file can grow rapidly on busy systems, and is normally rotated with newsyslog(8).
These files must be created manually; if they do not exist, they are not created automatically.
#define _PATH_UTMP "/var/run/utmp"
#define _PATH_WTMP "/var/log/wtmp"
#define _PATH_LASTLOG "/var/log/lastlog"
#define UT_NAMESIZE 8
#define UT_LINESIZE 8
#define UT_HOSTSIZE 16
struct lastlog {
        time_t  ll_time;
        char    ll_line[UT_LINESIZE];
        char    ll_host[UT_HOSTSIZE];
};
struct utmp {
        char    ut_line[UT_LINESIZE];
        char    ut_name[UT_NAMESIZE];
        char    ut_host[UT_HOSTSIZE];
        time_t  ut_time;
};
Each time a user logs in, the login(1) program looks up the user's UID in the file lastlog. If it is found, the timestamp of the last time
the user logged in, the terminal line and the hostname are written to the standard output, providing the login is not set quiet; see
login(1). The login(1) program then records the new login time in the file lastlog.
After the new lastlog record is written, the file utmp is opened and the utmp record for the user inserted. This record remains there until
the user logs out at which time it is deleted (by clearing the user and host fields, and updating the timestamp field). The utmp file is
used by the programs rwho(1), users(1), w(1), and who(1).
Next, the login(1) program opens the file wtmp, and appends the user's utmp record. When the user logs out, a utmp record with the tty line,
an updated time stamp, and cleared user and host fields is appended to the file by init(8). The wtmp file is used by the programs last(1)
and ac(8).
In the event of a date change, a shutdown or reboot, the following items are logged in the wtmp file.
reboot
shutdown  A system reboot or shutdown has been initiated. The character '~' is placed in the field ut_line, and reboot or shutdown in the
          field ut_name (see shutdown(8) and reboot(8)).
date      The system time has been manually or automatically updated by date(1). The command name date is recorded in the field ut_name.
          In the field ut_line, the character '|' indicates the time prior to the change, and the character '{' indicates the new time.
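An added example, not part of the manual page or the posts above: a C classifier for records in the struct utmp layout shown earlier, which recognises the reboot, shutdown and date entries just described and counts date changes that moved the clock backwards, a pattern worth reviewing when auditing wtmp. The enum, the function names and the sample records are constructed for illustration, and the on-disk record size depends on the platform's time_t.

```c
#include <string.h>
#include <time.h>
#define UT_NAMESIZE 8
#define UT_LINESIZE 8
#define UT_HOSTSIZE 16
struct utmp {                     /* field order as declared in utmp(5) */
    char ut_line[UT_LINESIZE], ut_name[UT_NAMESIZE], ut_host[UT_HOSTSIZE];
    time_t ut_time;
};
enum rec_kind { REC_LOGIN, REC_LOGOUT, REC_REBOOT, REC_SHUTDOWN,
                REC_DATE_OLD, REC_DATE_NEW, REC_UNKNOWN };

/* Fields are fixed width and not NUL-terminated when full ("shutdown" fills
 * ut_name exactly), so compare with explicit bounds rather than strcmp(). */
static int field_is(const char *f, size_t n, const char *s)
{
    size_t len = strlen(s);
    return len <= n && memcmp(f, s, len) == 0 && (len == n || f[len] == '\0');
}

enum rec_kind classify(const struct utmp *u)
{
    int tilde = field_is(u->ut_line, UT_LINESIZE, "~");
    if (tilde && field_is(u->ut_name, UT_NAMESIZE, "reboot"))   return REC_REBOOT;
    if (tilde && field_is(u->ut_name, UT_NAMESIZE, "shutdown")) return REC_SHUTDOWN;
    if (tilde) return REC_UNKNOWN;
    if (field_is(u->ut_name, UT_NAMESIZE, "date")) {
        if (field_is(u->ut_line, UT_LINESIZE, "|")) return REC_DATE_OLD;
        if (field_is(u->ut_line, UT_LINESIZE, "{")) return REC_DATE_NEW;
    }
    if (!u->ut_name[0] && !u->ut_host[0]) return REC_LOGOUT; /* cleared fields */
    return REC_LOGIN;
}

/* Count '|' (old time) then '{' (new time) pairs that moved the clock back. */
int backward_clock_changes(const struct utmp *r, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i + 1 < n; i++)
        hits += classify(&r[i]) == REC_DATE_OLD && classify(&r[i + 1]) == REC_DATE_NEW
                && r[i + 1].ut_time < r[i].ut_time;
    return hits;
}
/* Constructed sample records, not taken from a real wtmp file. */
const struct utmp sample[] = {
    { "~", "reboot", "", 1000 },   { "ttyp0", "alice", "host.example", 1100 },
    { "|", "date", "", 1200 },     { "{", "date", "", 600 },
    { "ttyp0", "", "", 1300 },     { "~", "shutdown", "", 1400 },
};
```

To use it on a real file, read sizeof(struct utmp) bytes at a time from a copy of wtmp on a system that uses this record layout and pass each record to classify().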
FILES
/var/run/utmp The utmp file.
/var/log/wtmp The wtmp file.
/var/log/lastlog The lastlog file.
SEE ALSO
last(1), login(1), w(1), who(1), utmpx(5), ac(8), init(8), lastlogin(8), newsyslog(8)
HISTORY
A utmp and wtmp file format appeared in Version 6 AT&T UNIX. The lastlog file format appeared in 3.0BSD.
BSD May 14, 2003 BSD