syslog functioning weird?


Post by Saotome Ran » Tue, 25 May 1999 04:00:00



I noticed that lately all my logs are going directly to my mail log
instead of being broken up into messages, syslog, etc. etc.

Looking at syslog.conf, I don't see any errors, but running syslogd in
debug mode reveals:

listening on syslog UDP port.
Allocated parts table for 256 file descriptors.
Starting.
Called init.
Called allocate_log, nlogs = -1.
cfline(*.warning;authpriv.none;mail.none                /var/log/messages)
symbolic name: warning ==> 4
symbolic name: none ==> 16
symbolic name: authpriv ==> 80
symbolic name: none ==> 16
symbolic name: mail ==> 16
leading char in action: /
filename: /var/log/messages
Called allocate_log, nlogs = 0.
cfline(*.=debug                                 /var/log/debug)
symbolic name: debug ==> 7
leading char in action: /
filename: /var/log/debug
Called allocate_log, nlogs = 1.
cfline(auth.*;user.*;*.alert;mail.none                  /var/log/syslog)
symbolic name: * ==> 255
symbolic name: auth ==> 32
symbolic name: * ==> 255
symbolic name: user ==> 8
symbolic name: alert ==> 1
symbolic name: none ==> 16
symbolic name: mail ==> 16
leading char in action: /
filename: /var/log/syslog
Called allocate_log, nlogs = 2.
cfline(mail.*;                                  /var/log/maillog)
symbolic name: * ==> 255
symbolic name: mail ==> 16
leading char in action: /
filename: /var/log/maillog
 0: 1F 1F  X 1F 1F 1F 1F 1F 1F 1F  X 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F  X FILE: /var/log/messages
 1: 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80  X FILE: /var/log/debug
 2:  3 FF  X  3 FF  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  X FILE: /var/log/syslog
 3:  X  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/maillog
logmsg: pri 56, flags 4, from tass, msg syslogd 1.3-0#: restart.
syslogd: restarted.
Debugging disabled, SIGUSR1 to turn on debugging.
Select interrupted.
Calling select, active file descriptors: 3

Successful select, descriptor count = 1, Activity on: 3
Checking UNIX connections, active:
New UNIX connect assigned to fd: 5.
Calling select, active file descriptors: 3 5

Successful select, descriptor count = 1, Activity on: 5
Checking UNIX connections, active: 5
Message from UNIX socket #5.
Message length: 62, File descriptor: 5.
logmsg: pri 26, flags 2, from tass, msg May 24 14:19:32 in.telnetd[16774]: connect from localhost
Called fprintlog, logging to FILE /var/log/maillog
Calling select, active file descriptors: 3 5

Successful select, descriptor count = 1, Activity on: 5
Checking UNIX connections, active: 5
Message from UNIX socket #5.
Unix socket (5) closed.
Calling select, active file descriptors: 3
Select interrupted.

Any ideas or help out there would be most appreciated!
Thanks!
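
A cross-check of the debug dump above, added here as an example and not part of the original posts: it parses the four mask rows syslogd printed and lists which files a given PRI value should reach. It assumes the standard PRI encoding (facility * 8 + severity) and that each cell is a bitmask with bit n set for severity n, which matches the dump (*.warning gives 1F, *.=debug gives 80, *.alert gives 3); the function names are made up for this sketch.

```python
import re

# Mask rows copied from the debug dump in the post (one column per facility,
# X = no severities selected; the final column is syslogd's internal MARK slot).
TABLE = """\
 0: 1F 1F  X 1F 1F 1F 1F 1F 1F 1F  X 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F 1F  X FILE: /var/log/messages
 1: 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80  X FILE: /var/log/debug
 2:  3 FF  X  3 FF  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  3  X FILE: /var/log/syslog
 3:  X  X FF  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X  X FILE: /var/log/maillog
"""

FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog",
              "lpr", "news", "uucp", "cron", "authpriv", "ftp"]
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]


def parse_table(text):
    """Return [(path, [mask per facility])] from the dumped rows."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"\s*\d+:\s+(.*?)\s+FILE:\s+(\S+)", line)
        if m:
            masks = [0 if c == "X" else int(c, 16) for c in m.group(1).split()]
            rules.append((m.group(2), masks))
    return rules


def decode_pri(pri):
    """Split a syslog PRI value into (facility index, severity)."""
    return pri >> 3, pri & 7


def describe(pri):
    fac, sev = decode_pri(pri)
    name = FACILITIES[fac] if fac < len(FACILITIES) else "facility%d" % fac
    return "%s.%s" % (name, SEVERITIES[sev])


def expected_files(rules, pri):
    """Files whose mask for this facility has the severity bit set."""
    fac, sev = decode_pri(pri)
    return [path for path, masks in rules if masks[fac] & (1 << sev)]


if __name__ == "__main__":
    rules = parse_table(TABLE)
    for pri in (26, 22):  # 26 = the telnetd message in the dump; 22 = mail.info
        print(pri, describe(pri), expected_files(rules, pri))
```

For the telnetd message (pri 26, daemon.crit) the table selects only /var/log/messages, so the parsed configuration and the observed write to /var/log/maillog disagree.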

 
 
 


Post by L J Bay » Wed, 26 May 1999 04:00:00



>I noticed that lately all my logs are going directly to my mail log
>instead of being broken up into messages, syslog, etc. etc.

>Looking at syslog.conf, I don't see any errors, but running syslogd in
>debug mode reveals:
>...
>cfline(mail.*;                                      /var/log/maillog)

I think this line is it: "mail.*;<tab>/var/log/maillog"
Take off the ; in this line.
It looks like syslog is seeing it as "mail.*;*.*"

 
 
 


Post by Saotome Ran » Wed, 26 May 1999 04:00:00





>>I noticed that lately all my logs are going directly to my mail log
>>instead of being broken up into messages, syslog, etc. etc.

>>Looking at syslog.conf, I don't see any errors, but running syslogd in
>>debug mode reveals:
>>...
>>cfline(mail.*;                                  /var/log/maillog)

>I think this line is it: "mail.*;<tab>/var/log/maillog"
>Take off the ; in this line.
>It looks like syslog is seeing it as "mail.*;*.*"

I removed the extraneous ';' but that did nothing to help.

Any other suggestions? It's driving me crazy!

 
 
 

1. Tuning syslog/Syslog reporting/Syslog enhancement/replacements

Hello,

        I have been investigating using syslog's logging facilities. I have
currently set up our network to log to a central logging host. In my
preliminary attempts, I have set up syslog to dump everything to a single file,
which gets messy. I've sorted out the files now, and I have noticed that
certain applications such as telnetd and ftpd write to the LOG_MAIL facility.
Is there a way to alter the logging facility that they report to, or will I
have to have modified binaries to handle this? I'm mostly concerned with our
AIX machines but we also have HPUX, Sunos/Solaris, and OSF. I could very well
have it dump all information and sort out the data based on rules I develop
using sed/awk/perl/grep (whatever), but it would be nicer if it were done by
syslog/programs writing to syslog.

        Also, is anyone familiar with any other logging utilities? I would be grateful
for some help/advice or some pointers to where to find this information.

Thanks for your help.

Adam
