How do I make activities appear in SYSLOG file?

# 8  
I am not sure that it is possible to throw audit messages directly to syslog, and I don't know which version of syslog-ng comes with SLES. The latter you can check with the command rpm -qa | grep syslog-ng.

The first is more difficult. You will need to define in your syslog-ng configuration one more source and destination for logs.

Source is something like:
Code:
source s_audit {
  file ("/var/log/audit/audit.log"
    follow-freq(1)
    keep-timestamp(yes)
    flags(no-parse));
};

Destination is something like:
Code:
destination d_logrythm {
  syslog("your-server" 
  transport("tcp")
  port("514"));
};

And then tell syslog-ng that messages from audit.log should go to logrythm:
Code:
log { source(s_audit); destination(d_logrythm); };

Of course, it is just an example. You have to adapt this configuration to your environment.
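
An added example, not part of the original post: with flags(no-parse) syslog-ng puts each audit.log line unchanged into the message part and generates its own syslog header, so the receiving side has to take the event time and event serial from the msg=audit(...) field rather than from the header. The Python sketch below does that and groups records belonging to the same audit event; the function names and the sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Audit record header: type=NAME msg=audit(EPOCH.MILLIS:SERIAL): key=value ...
HEADER = re.compile(r"type=(\S+) msg=audit\((\d+)\.(\d+):(\d+)\):\s*(.*)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample of forwarded lines (the syslog header is whatever the relay added).
SAMPLE = [
    'Jan  1 10:00:05 host1 type=SYSCALL msg=audit(1704103200.123:501): '
    'arch=c000003e syscall=257 success=yes uid=1000 exe="/usr/bin/cat"',
    'Jan  1 10:00:05 host1 type=PATH msg=audit(1704103200.123:501): '
    'item=0 name="/etc/shadow" inode=1234',
    'Jan  1 10:00:06 host1 type=EXECVE msg=audit(1704103201.456:502): '
    'argc=2 a0="cat" a1="/etc/shadow"',
    'Jan  1 10:00:07 host1 -- MARK --',  # not an audit record
]

def parse_record(line):
    """Return one audit record as a dict, or None if the line is not one."""
    m = HEADER.search(line)  # search(): ignore any header in front of type=
    if m is None:
        return None
    rtype, sec, frac, serial, body = m.groups()
    micro = int(frac.ljust(6, "0")[:6])
    when = datetime.fromtimestamp(int(sec), tz=timezone.utc).replace(microsecond=micro)
    fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
    return {"type": rtype, "time": when, "serial": int(serial), "fields": fields}

def group_events(lines):
    """Group records sharing (time, serial) into events; count unparsed lines."""
    events, skipped = {}, 0
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            skipped += 1
            continue
        key = (rec["time"], rec["serial"])
        ev = events.setdefault(
            key, {"time": rec["time"], "serial": rec["serial"], "records": {}})
        ev["records"].setdefault(rec["type"], {}).update(rec["fields"])
    return list(events.values()), skipped

if __name__ == "__main__":
    evs, bad = group_events(SAMPLE)
    for ev in evs:
        print(ev["time"].isoformat(), ev["serial"], sorted(ev["records"]))
    print("lines without an audit header:", bad)
```
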