Questions tagged [logging]
Recording activity on the system (or of a particular program) for later reporting and analysis. Logins, logouts, web server page requests, etc might all be logged.
2,872
questions
0
votes
0
answers
132
views
How to get output of STDOUT to GCP cloud logging
Hey I have a job running on a gcp VM where some imported libraries are logging to stdout with the print or python logging library, and I also have written a lot of code where the output is logged to ...
google-cloud-platform
0
votes
0
answers
68
views
Discover process that exhausted my memory and CPU limits on Ubuntu
I have a DigitalOcean droplet running Ubuntu 22.04.2 LTS (GNU/Linux 5.15.0-89-generic x86_64). My website went down at approximately Fri Dec 01 6:48 AM GMT. From var/log/apache2/access.log, I ...
- 101
0
votes
0
answers
7
views
Is there a way to detect which requests have been made using same connection in Apache log?
I use mod_log_config and mod_log_forensic to log all requests made to an Apache server.
Some of those requests use Keep-Alive and I would like to find out which requests have been made using the same ...
- 111
0
votes
1
answer
46
views
How can I monitor journald to invoke a program on a condition?
Before I reinvent the wheel and start scripting, is there a simple way (or existing tool) that can watch the systemd journal and take actions when certain log entries or conditions are detected?
...
- 117
0
votes
0
answers
13
views
Connect multiple hosts running promtail to loki running on a separate host
Hi all first time posting here.
I have 3 different servers. This is the setup I want to achieve:
Server1 (51.25.365.12): promtail
Server2 (51.25.78.215): promtail
Server3 (216.25.36.54): promtail, ...
0
votes
1
answer
14
views
Windows Event Collector (WEF) Event Viewer unresponsive
We are using Windows Event Collector (WEF) to forward defined security events to a special server. After some days of using this solution, navigating to "Subscription" within the Event ...
- 99
0
votes
0
answers
39
views
Enable $RepeatedMsgReduction only for specific log file
If this were the script for routing messages to log files in rsyslog.conf, is it possible to activate RepeatedMsgReduction only for app_log?
if ($syslogfacility-text == "auth") then {
...
- 1
0
votes
0
answers
62
views
Datadog not collecting logs from file in Kubernetes cluster
I am trying to configure Datadog agent on AKS Cluster and to read logs from file location at /var/log/datadog/messages.log in each service pod.
It is streaming all the metrics except logs from file ...
- 101
0
votes
0
answers
30
views
session logging on CentOS stream
I had a Centos 8 installation with a working session logging setup (sssd, tlog). On any ssh login to the server the session was logged and sent to a syslog server. All the logins are local logins (/...
-1
votes
0
answers
23
views
Does jaeger support log analysis?
Jaeger all-in-one appears to allow ingesting of OpenTelemetry logs, but I can't seem to find a way of viewing them on Grafana or sending them to Loki or viewing in the Jaeger UI. Is there a step I ...
0
votes
1
answer
32
views
NFS Stale mounts logging and tracing
We have a large filesystem exported via NFS and mounted to several Linux Servers.
These mounts seem to go stale for some seconds during the last days making the apps using those mounts to freeze.
...
- 528
2
votes
1
answer
102
views
Postfix: How to log to syslog only?
I have Postfix 3.8.1 on Ubuntu 23.10. How do I configure Postfix to log to syslog only? My syslog daemon is journald.
According to my understand, Postfix should log to syslog, if maillog_file is not ...
- 161
0
votes
0
answers
82
views
Windows event id 4673 audit Failed attempt to perform a privileged operation
I am consistently receiving this error message from agents, and I am receiving a significant number of them daily from a single agent, while the other agents are also receiving the same error message.
...
0
votes
0
answers
77
views
Add the name of the file analyzed to the e-mail (logcheck)
I use logcheck to receive apache logs. My question is how to configure logcheck to add the name of the file that is analysed in the email. Example: at the moment I have this:
This email is sent by ...
0
votes
1
answer
136
views
Fluent-bit in Kubernetes cannot input timestamp data properly
At my company, I built a K8s cluster with Terraform and configured a logging system with EFK (Elasticsearch, Fluent-bit, Kibana).
k8s and Elasticsearch use AWS's EKS and Opensearch Servcie (ES 7.10), ...
- 1
2
votes
1
answer
57
views
How to make logwatch show a reboot event in the report?
Our environment consists of several workstations and servers, all RHEL (CentOS 7) and with logwatch (currently v7.4.0) installed. A custom cron job sends daily logwatch reports via email. The command ...
- 21
0
votes
1
answer
39
views
How to stream Kubernetes log files to a different location using fluent-bit?
I have a requirement where I want the log files of all the Kubernetes containers stored in the location /var/log/containers/ to be kept persistent even after a cluster restart or node issue. I have ...
0
votes
0
answers
67
views
php-fpm - How to log `NOTICE`s to stdout, everything else (`E_ALL`) to stderr?
As far as I understood the configuration docs, it is only possible to enable/disable specific log levels:
# ini, E_NOTICE disabled entirely.
error_reporting=E_ALL & ~E_NOTICE
display_errors=stderr
...
- 101
0
votes
1
answer
88
views
Rsyslog not writing any logs from Cisco network devices - all other remote syslog works fine
tcpdump confirms valid syslog is coming in from multiple remote systems - servers and Cisco network equipment.
OS is Linux RHEL 8.8
The servers all come in fine and write to disk, and are shown as ...
0
votes
0
answers
25
views
syslog diff or comparison that reorders identical lines to ignore race conditions?
Sometimes when debugging intermittent boot problems, it would be advantageous compare two exerpts from syslog: One leading to a working system, and one leading to the symptom. However, diff is not ...
- 158
0
votes
0
answers
71
views
Logging all http requests to domain
I bought a domain name and I would like to log what http requests it receives. Logging the requests headers, url, type and message body. Looking for an easy/affordable solution. Standing up an Apache ...
- 143
0
votes
1
answer
143
views
How can I connect standard output and error of a systemd service to a file with a date in the path?
I would like to run a server process under systemd, and append its standard output and error to a file, where the file path has a date in it, like this:
/initech/logs/tps-report-app/sales/2023/09/11/...
- 427
0
votes
1
answer
58
views
CentOS 7: Postfix logs got cleared when running history -c. How can I investigate what happened the day the log was cleared?
By default, running history -c has no way of also deleting /var/mail/maillog, right?
How can I investigate what happened the day the log was cleared, or (by definition) when the new maillog was ...
- 113
0
votes
0
answers
96
views
Docker container logs not found after dockerd restart
I am running a Ubuntu 18.04 server with Docker (v20.10.12) containers running on it. I have about 5 containers running at a time and they consume about 1.5GB of memory on the regular, while my server ...
2
votes
2
answers
115
views
How do we prevent accidental Graylog denial of service problems without multiple graylog instances?
Our original problem
Last year we had a problem where a rogue piece of software on one server spammed our central Graylog Server with so many messages that it caused problems for other applications.
...
- 400
1
vote
2
answers
127
views
Percona MySQL 8.0.25-15 filling up slow log with headers only
Has anyone experienced an issue where when the slow log is enabled with the following options:
root@(none)> show global variables like "%slow_query%";
+-----------------------------------+...
- 331
0
votes
1
answer
109
views
Systemd CGroups - where are logs for exceeding resource limits?
By default systemd assigns resource limits through CGroups like TaskMax, here's a example of this:
$ systemctl status sshd
● sshd.service - OpenSSH Daemon
Loaded: loaded (/usr/lib/systemd/system/...
- 101
1
vote
0
answers
47
views
How can I see the IPs of the computers that queried my Azure OpenAI resource via the Azure OpenAI API?
I created several Azure OpenAI resources in my Azure account. I deployed GPT models in each of the Azure OpenAI resources. I access them via the Azure OpenAI API.
How can I see the IPs of the ...
- 1,072
0
votes
1
answer
1k
views
Why does default nginx access log show access.log > /dev/stdout
I'm running nginx locally. Without adding any explicit logging configuration to nginx.conf, a symbolic link is added under /var/log/nginx, for access.log:
/var/log/nginx # ls -l
lrwxrwxrwx 1 root ...
- 233
0
votes
1
answer
26
views
Notifying an administrator when mail-server wasn't able to upload logs to ftp-server - if condition is failing
I am currently working on a solution, that would notify me whenever my mail-server isn't able to transfer files to my ftp-server. (Right now my logs get rotated once per night and immediately uploaded ...
- 65
0
votes
1
answer
150
views
Nginx access_log format "timing"?
I'm using a config snippet to setup a reverse proxy with nginx version: nginx/1.14.1 - it has "timing" specified as access_log's format - that causes an error.
## Application specific logs
...
1
vote
1
answer
51
views
how to make logrotate take filesize into consideration when rotating
Lets say I want to logrotate when the filesize is 1kb . Before the run if the filesize of the log is 4kb I expect logrotate to create 4 different log files.
Before:
something.log (4kb)
What I expect ...
- 13
3
votes
2
answers
785
views
How to automatically change the name of a file on a daily basis
I am new to Linux/CentOS and right now I am running into a little problem.
My CentOS7 Server logs all Maillogs, via Logrotate, on a daily basis and moves them to the folder /var/log/old_maillogs. ...
- 65
1
vote
1
answer
59
views
trace kubernetes users activities in pods
I want to track users activities in a k8s cluster. for example I want to get k8s username of a user that executes a command in a pod. there is a tool named Tetragon. it can uses k8s api.
following log ...
- 13
0
votes
0
answers
228
views
Automatically delete log files with JBoss CLI for Wildfly application
I want to automatically delete my Wildfly logs after a certain period of time (e.g. 3 days). As I am running my application in a container which has no access to crontab, I want to do this via a JBoss ...
0
votes
0
answers
50
views
Split logging on rsyslogd
My goal is to send all logs to one source remote and still log local but then send all the AuditD logs to its own source on port 20002. But for some reason, my auditd logs are still ending up with my ...
- 3,941
1
vote
1
answer
71
views
Postfix logging incomplete after changing myhostname
My postfix installation does not log most of the messages after changing myhostname. The myhostname is now different from the FQDN (and hostname) of the machine where it used to be the same. After ...
- 121
0
votes
1
answer
81
views
Send kubernetes audit logs to multiple servers
How to send k8s audit logs to multiple servers/endpoints?
I tried to
pass multiple --audit-webhook-config-file arguments to kube-apiserver
add another cluster to the webhook config file
but these ...
- 220
0
votes
1
answer
349
views
How do I disable logging from systemd when I login
My journald log contains lots of messages of this kind:
Jun 03 11:38:37 test1 systemd[225427]: pam_unix(systemd-user:session): session opened for user user(uid=1000) by (uid=0)
Jun 03 11:38:37 test1 ...
- 111
0
votes
0
answers
124
views
Error handling in Cloud functions - Cloud Logging
I have a series of cloud functions and I want to get an alert when errors occur in them. I already have the alert set and it works.
I decided to use the Cloud Logging logs: functions.logger.error(...
0
votes
0
answers
122
views
access.log of Nginx filling up space (Ubuntu 22 Server)
Recently I have deployed my website using node.js server and using Nginx as reverse proxy, also nginx handles SSL, and forwards the HTTPS to HTTP server of node.js running at specific port. I am using ...
1
vote
0
answers
110
views
View logs from short lived containers in docker stack
Similar to this question, but with the intricacies of the docker stack added.
While debugging short lived containers on vanilla docker is "easy", you just do docker logs -f "...
0
votes
1
answer
69
views
Apache how to find cause of 404 with rewriterule ignored
So I have this
RewriteCond %{REQUEST_URI} (da-dk)/(.*)(/|\.php)$
RewriteRule ^(da-dk)/(.*)(/|\.php)$ /$2$3 [L]
But for some reasons example.com/da-dk/ gives "404 - not found"
I would like ...
- 97
0
votes
0
answers
116
views
Add mac address in rsyslog template
I am trying to add system/device mac address in syslog. No solution is working for me. Following command gives me mac address, just wanted to use in rsyslog template.
mac_addr=$(ifconfig en0 | awk '/...
1
vote
0
answers
182
views
LogStash and parsing OPNSenser logs
My logs are coming in as follows:
<134>May 24 14:39:32 edge.internal filterlog[2535]: 78,,,ffe6d10d1f27a42fc0edc3abb3a6d333,ovpnc1,match,pass,out,4,0x0,,63,61951,0,DF,6,tcp,60,10.8.0.2,20.44.17....
- 3,941
0
votes
0
answers
45
views
PROMPT_COMMAND duplicating commands on new sessions
Im playing around with PROMPT_COMMAND variable
Was testing out some ways to save all commands into a log file and got some ways using PROMPT_COMMAND + logger + rsyslog
Example export im using
export ...
- 23
0
votes
1
answer
126
views
Loggin bash_history using UTC timestamp when not using UTC as system time
I am aware that it is possible to add timestamps to bash_history.
The examples I've seen so far it always uses the current system time. And here is the problem for me: On the one hand, I like to keep ...
- 17
1
vote
1
answer
404
views
Systemd service not logging
I have a systemd service. No logs appear from it despite my best efforts. This is the service file:
[Unit]
Description=Load Balancer
[Service]
WorkingDirectory=/home/lb
ExecStart=/usr/lib/jvm/jdk-20/...
- 111
0
votes
1
answer
61
views
Do not log access to some php scripts
I would like to exclude from access.log access to some php scripts.
To do this, I did the following:
location ~ ^/lib/exe/(jquery|taskrunner|css|js)\.php$ {
access_log off;
#...
- 1
0
votes
0
answers
60
views
Cron job is wokring fine but new cron logs are not adding in cron log file
i mistakely press wq! in cron log file located /var/log/cron now new logs are not updateing in cron log file i serach many thing like
remove cron file and touch /var/log/cron Steel not updateing
...
