Login or Register to Ask a Question and Join Our Community


Ubuntu

Date format in the files written by syslogd

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Ubuntu Date format in the files written by syslogd
# 22  
Old 01-15-2013
Quote:
Originally Posted by prash358
How can we correct the date format in the below log
By correcting the part of the code that writes to that log. If you show the relevant part of the code, we'll try to help.
# 23  
Old 01-15-2013
Quote:
Originally Posted by RudiC
Pls grep for log or syslog in the output of ps.
Quote:
linux@test1:~$ ps -ef |grep syslog
syslog 14501 1 0 Jan14 ? 00:00:28 rsyslogd -c4
---------- Post updated at 11:17 AM ---------- Previous update was at 11:14 AM ----------

Below is the rsyslog.conf file

Code:
#  /etc/rsyslog.conf    Configuration file for rsyslog.
#
#                       For more information see
#                       /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
#  Default logging rules can be found in /etc/rsyslog.d/50-default.conf

# First some standard logfiles.  Log by facility.
#
auth,authpriv.*                 /var/log/auth.log
*.*;auth,authpriv.none,local2.none,local5.none          -/var/log/syslog
local2.*                        -/var/log/sudo.log
#cron.*                         /var/log/cron.log
daemon.*                        -/var/log/daemon.log
kern.*                          -/var/log/kern.log
lpr.*                           -/var/log/lpr.log
mail.*                          -/var/log/mail.log
user.*                          -/var/log/user.log

# LDAP mail logging
local5.info                             /BAK/logs/ldap-mail/ldap-mail.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info                       -/var/log/mail.info
mail.warn                       -/var/log/mail.warn
mail.err                        /var/log/mail.err

# Logging for INN news system
#
news.crit                       /var/log/news/news.crit
news.err                        /var/log/news/news.err
news.notice                     -/var/log/news/news.notice

#
# Some `catch-all' logfiles.
#
*.=debug;\
        auth,authpriv.none;\
        news.none;mail.none     -/var/log/debug
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg                         *

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#       news.=crit;news.=err;news.=notice;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
# 
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
        news.err;\
        *.=debug;*.=info;\
        *.=notice;*.=warn       |/dev/xconsole

#################
#### MODULES ####
#################

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability

$KLogPath /proc/kmsg

# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514

# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514


###########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Filter duplicated messages
$RepeatedMsgReduction on

#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf

Last edited by Scott; 01-15-2013 at 04:15 PM.. Reason: CODE tags not QUOTE tags.
# 24  
Old 01-15-2013
Quote:
Originally Posted by prash358
.
.
.
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
Your long and undesired log entries might have to do with above directive. Do you have additional conf files:
Quote:
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
And, what is the contents of conf - files in the remote system?
# 25  
Old 01-15-2013
Quote:
Originally Posted by RudiC
Your long and undesired log entries might have to do with above directive. Do you have additional conf files:

And, what is the contents of conf - files in the remote system?
Thank you for the reply and i have removed the config files under /etc/rsyslog.d directory and btw now i am not seeing the logs like below.

Quote:
linux@test1:/home/ldap/logs/ldap-mail$ tail -f /var/log/messages
2013-01-15T17:03:45.817730+00:00 test1 ldap-mail[18018]: Message delivered
Jan 15 17:03:45 test1 ldap-mail[18018]: submitted
2013-01-15T17:03:45.818092+00:00 test1 ldap-mail[18018]: Resending the message to a total of 0 Moderators
Jan 15 17:03:45 test1 ldap-mail[18018]: Resending the message to a total of 0 Moderators
and i am seeing as

Quote:
linux@test1:/home/ldap/logs/ldap-mail$ tail -f /var/log/messages
2013-01-15T17:03:45.817730+00:00 test1 ldap-mail[18018]: Message delivered
2013-01-15T17:03:45.818092+00:00 test1 ldap-mail[18018]: Resending the message to a total of 0 Moderators

and now i am seeing only the date in one format (i.e)
Quote:
2013-01-15T17:03:45.817730+00:00
and i want the same to be in
Quote:
Jan 15 17:03:45
# 26  
Old 01-15-2013
So it seems to have to do with the conf files. pls try to reverse your action; reinstall the conf files and comment out that line in /etc/rsyslog.conf
# 27  
Old 01-15-2013
Quote:
Originally Posted by RudiC
So it seems to have to do with the conf files. pls try to reverse your action; reinstall the conf files and comment out that line in /etc/rsyslog.conf
I cannot comment out /etc/rsyslog.conf as we have some custom log files setup.

Below are the conf files from /etc/rsyslog.d directory

Code:
linux@test1:/etc/rsyslog.d$ more 50-default.conf
#  Default rules for rsyslog.
#
#                       For more information see rsyslog.conf(5) and /etc/rsyslog.conf

#
# First some standard log files.  Log by facility.
#
auth,authpriv.*                 /var/log/auth.log
*.*;auth,authpriv.none          -/var/log/syslog
#cron.*                         /var/log/cron.log
daemon.*                        -/var/log/daemon.log
kern.*                          -/var/log/kern.log
lpr.*                           -/var/log/lpr.log
mail.*                          -/var/log/mail.log
user.*                          -/var/log/user.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info                       -/var/log/mail.info
mail.warn                       -/var/log/mail.warn
mail.err                        /var/log/mail.err

#
# Logging for INN news system.
#
news.crit                       /var/log/news/news.crit
news.err                        /var/log/news/news.err
news.notice                     -/var/log/news/news.notice

#
# Some "catch-all" log files.
#
*.=debug;\
        auth,authpriv.none;\
        news.none;mail.none     -/var/log/debug
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg                         *

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#       news.=crit;news.=err;news.=notice;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
# 
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
        news.err;\
        *.=debug;*.=info;\
        *.=notice;*.=warn       |/dev/xconsole


and

Code:
linux@test1:/etc/rsyslog.d$ more 20-ufw.conf
# Log kernel generated UFW log messages to file
:msg,contains,"[UFW " /var/log/ufw.log

# Uncomment the following to stop logging anything that matches the last rule.
# Doing this will stop logging kernel generated UFW log messages to the file
# normally containing kern.* messages (eg, /var/log/kern.log)
#& ~

Last edited by Scott; 01-15-2013 at 04:16 PM.. Reason: Code tags, please...
# 28  
Old 01-15-2013
I was proposing to just comment out this line temporarily for a test/compare:
Quote:
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Date: invalid date trying to set Linux date in specific format

i try to set linux date & time in specific format but it keep giving me error Example : date "+%d-%m-%C%y %H:%M:%S" -d "19-01-2017 00:05:01" or date +"%d-%m-%C%y %H:%M:%S" -d "19-01-2017 00:05:01" keep giving me this error : date: invalid date ‘19-01-2017 00:05:01' Please use CODE tags... (7 Replies)
Discussion started by: umen
7 Replies

2. Shell Programming and Scripting

Change date format in am/pm in csv files using UNIX

Hi All, I'm new to forum good to hear all. I stuck in converting date format in csv file using unix csv file contains as below ,750,0000000000000000GCJR, ,06/22/2016 14:48:44 I want to convert into as below ,750,0000000000000000GCJR, ,06/22/2016 02:48:44 PM Please reply asap..... (22 Replies)
Discussion started by: Raghureds
22 Replies

3. Shell Programming and Scripting

To find files having filename containing specific date format

Hi, I have a requirement to create a shell script(tcsh) that finds all the files in a directory having the file name containing date format "YYYYMMDDHHMM" and extract the date time part ""YYYYMMDDHHMM" for further processing. Could you please have any idea on this. trades_201604040000.out... (6 Replies)
Discussion started by: gopal.biswal
6 Replies

4. UNIX for Dummies Questions & Answers

Rename all Files in a UNIX Directory from one date format to another date format

Hi Unix Gurus, I would like to rename several files in a Unix Directory . The filenames can have more than 1 underscore ( _ ) and the last underscore is always followed by a date in the format mmddyyyy. The Extension of the files can be .txt or .pdf or .xls etc and is case insensitive ie... (1 Reply)
Discussion started by: pchegoor
1 Replies

5. Shell Programming and Scripting

Monitor log entries in log files with no Date format? - Efficient logcheck?

is there a way to efficiently monitor logfiles that do not have a date or time format? i have several logs on several different servers that need to be monitored. but i realized writing a script for this would be very complex and time consuming giving the variety of things i need to check for i.e.... (2 Replies)
Discussion started by: SkySmart
2 Replies

6. Shell Programming and Scripting

Finding files before a certain date with predefined format

Guys, I have an input file such as below I would like to know how i would be able to find items created before 2011-10-01 Appreciate any expert advice. Thanks. (3 Replies)
Discussion started by: aismann
3 Replies

7. UNIX for Dummies Questions & Answers

Changing from Excel date format to MySQL date format

I have a list of dates in the following format: mm/dd/yyyy and want to change these to the MySQL standard format: yyyy-mm-dd. The dates in the original file may or may not be zero padded, so April is sometimes "04" and other times simply "4". This is what I use to change the format: sed -i '' -e... (2 Replies)
Discussion started by: figaro
2 Replies

8. Shell Programming and Scripting

convert date format to mysql date format in log file

I have a comma delimited log file which has the date as MM/DD/YY in the 2nd column, and HH:MM:SS in the 3rd column. I need to change the date format to YYYY-MM-DD and merge it with the the time HH:MM:SS. How will I got about this? Sample input 02/27/09,23:52:31 02/27/09,23:52:52... (3 Replies)
Discussion started by: hazno
3 Replies

9. Solaris

rotating the syslogd and messages files

Im about to install a sunfreeware program called logrotate which does exactly what it says on the tin....just a quick question ..if its going to rename messages to messages.0 etc do I need to issue a HUP to syslogd after doing this or will the new messages file get created automatically cheers (2 Replies)
Discussion started by: hcclnoodles
2 Replies

10. Shell Programming and Scripting

convert mmddyy date format to ccyyddd format??

hi, for reading a cobol indexed file i need to convert "mmddyy" date format to "ccyyddd" format. i checked the datecalc and other scripts but couldnt modify them to cater to my need:(... The datecalc gives an output which i believe is the total days till that date, but i want to convert it... (2 Replies)
Discussion started by: Bhups
2 Replies
Login or Register to Ask a Question