All topics - Topic: syslogd
l***r
Posts: 459
1
From thread: Unix board - one question about syslogd
hi Experts,
is there any way to get signal from syslogd?
where is syslog file and how to check the size of syslog?
Thanks.
m*******m
Posts: 182
2
From thread: Unix board - one question about syslogd

I took a quick look at the syslogd source code (under a BSD
source tree), and did not find any signal emission. So, I
guess there is no way to get.
I assume that you mean the log file. It is configurable in
/etc/syslog.conf.
Normally, /var/log/messages. You can just check the size of
this file.
m*******m
Posts: 182
3
From thread: Unix board - one question about syslogd

What OS are you running? (What does `uname -a` report?)
What is the content in /etc/syslogd.conf?
`man fstat`
l***r
Posts: 459
4
From thread: Unix board - one question on syslogd again
I checked syslogd again on the website
http://www.cert.org/security-improvement/implementations/i041.08.html
in example actions, there is one sample:
fred,user1 Send messages to users
I wonder if it can send a message to a user account. And at user side,
I can set a process to wait for message coming.
Basically, I am eager to get syslog information in near real
time.
Thanks.
f**c
Posts: 791
5
This showed up in terminals in two different workspaces, and there seemed to be a beep as well:
Message from syslogd@localhost at Feb 12 18:41:47 ...
kernel:Oops: 0010 [1] SMP
Message from syslogd@localhost at Feb 12 18:41:47 ...
kernel:Code: Bad RIP value.
Message from syslogd@localhost at Feb 12 18:41:47 ...
kernel:CR2: 0000000000000000
Later I found that Firefox seemed to have crashed; after reopening it nothing looked wrong...
Is something wrong with the memory?
N******7
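Posts: 1297
6
From thread: Linux board - Which filesystem is better for a NAS
Go with FreeBSD + zfs; that is what I use for my Home Server/File Server. There are
really just two main reasons for using FreeBSD:
1. zfs. OpenSolaris is more or less dead, and FreeBSD is the one still pushing zfs forward. Some of
zfs's concepts are really good for a File Server. The file system is never corrupted by losing power
halfway through a write, and snapshot backup and restore take about a second. It integrates perfectly
with mount, nfs and so on. There is support for compression, checksum and so on, and de-dup will be
available soon too. I am currently using RAIDZ (4 + 1); you can also use RAIDZ2 (N + 2).
2. jail. A FreeBSD jail can be regarded as a very lightweight VM. Compared with chroot, it isolates your
environment better and is closer to a virtual machine. You have your own CPU resource, Memory
resource and so on. But compared with a real VM, it does not need so many duplicated processes for
each VM. For example, many system kernel processes, in a VM every VM...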
g****e
Posts: 172
7
Are those suspicious files safe?
Many thanks!!
sudo chkrootkit
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking ...
g****e
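Posts: 172
8
[The following text is reposted from the Linux discussion board]
Sender: gangle (nothing), Board: Linux
Subject: Could an expert please take a look: is this chkrootkit output safe?
Posted from: BBS 未名空间站 (Mon Aug 13 18:29:14 2012, US Eastern)
Are those suspicious files safe?
Many thanks!!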
sudo chkrootkit
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... ...
l***r
Posts: 459
9
From thread: Unix board - about syslog.conf
hi friends,
I modified syslog.conf by adding one line:
auth.* /var/adm/all.msg
Then I shut down syslogd by using "/etc/init.d/syslog stop".
But when I restart syslogd by using "/etc/init.d/syslog
start", I got error message like " no priority "*" ". It
seems I have to make priority clear, like "*.info". But my
previous student wrote a note that "*.*" is working for
syslog.conf. :(((
I don't know if it is my problem or she was wrong.
Another problem, I modify syslog.conf by adding one line:
auth
A**l
Posts: 2650
10
You can set the "level" to be logged to syslogd
d*j
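Posts: 756
11
From thread: SanFrancisco board - Urgent question: has my machine been hacked? (repost)
[The following text is reposted from the BuildingWeb discussion board]
Sender: dmj (大马甲), Board: BuildingWeb
Subject: Urgent question: has my machine been hacked?
Posted from: BBS 未名空间站 (Tue Feb 11 01:10:30 2014, US Eastern)
(1) There is a whole pile of this stuff in syslog: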
Feb 10 01:15:02 dmjuser syslogd 1.5.0#6ubuntu1: restart.
Feb 10 01:20:01 dmjuser CRON[8164]: (smmsp) CMD (test -x /etc/init.d/
sendmail && /usr/share/sendmail/sendmail cron-msp)
Feb 10 01:20:01 dmjuser sm-msp-queue[8179]: My unqualified host name (
dmjuser) unknown; sleeping for retry
Feb 10 01:21:01 dmjuser sm-msp-queue[8179]: unable to qualif...
m******e
Posts: 1399
12
From thread: Apple board - iP4 battery drains badly after upgrading to iOS 5.0.1
For troubleshooting, maybe u can download a monitor apps and look at what
was running on ur back ground?
maybe you can compare your process list with mine. Mine is 4% overnight.
0 kernel_task
1 launchd
12 UserEventAgent
13 notifyd
14 configd
15 SpringBoard
16 syslogd
17 CommCenter
22 lockdownd
24 powerd
28 locationd
29 wifid
31 ubd
45 mediaserverd
46 mediaremoted
47 mDNSResponder
49 imagent
50...
d*j
Posts: 756
13
From thread: BuildingWeb board - Urgent question: has my machine been hacked?
(1) There is a whole pile of this stuff in syslog:
Feb 10 01:15:02 dmjuser syslogd 1.5.0#6ubuntu1: restart.
Feb 10 01:20:01 dmjuser CRON[8164]: (smmsp) CMD (test -x /etc/init.d/
sendmail && /usr/share/sendmail/sendmail cron-msp)
Feb 10 01:20:01 dmjuser sm-msp-queue[8179]: My unqualified host name (
dmjuser) unknown; sleeping for retry
Feb 10 01:21:01 dmjuser sm-msp-queue[8179]: unable to qualify my own domain
name (dmjuser) -- using short name
Feb 10 01:22:50 dmjuser ntpd[611]: step-systime: Operation not permitted
Feb 10...
h*******x
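Posts: 12808
14
From thread: Linux board - How to save kernel panic messages?
Recently I have been modifying the kernel's sctp protocol module to add some features. My modified
modules sometimes cause a linux kernel panic, and then linux simply crashes. How can I save the last
few linux kernel panic messages? syslogd and the like cannot record the last few messages, and neither
/var/log/message nor /var/log/kern.log has the final dump before the panic. The kernel panic dump does
get displayed on the console, but my program runs fine in the lab and then crashes when tested outside
(fairly far from the lab), which is very frustrating. There is no way to look at it.
My current plan is to set up a virtual machine running the test kernel and connect over remote vnc, so
that after a crash I can see the last messages on the virtual machine, but that is still a hassle.
Sometimes when there are too many messages they can no longer be seen. Is there any other way?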
b***i
Posts: 3043
15
New information
Could the experts take a look at where this can be improved?
[ 0.128265] omap_i2c omap_i2c.1: bus 1 rev2.4.0 at 100 kHz
[ 0.129791] tps65910 1-002d: JTAGREVNUM 0x1
[ 0.133728] print_constraints: VRTC:
[ 0.135223] print_constraints: VIO: at 1500 mV
[ 0.137603] print_constraints: VDD1: 600 <--> 1500 mV at 1100 mV normal
[ 0.139923] print_constraints: VDD2: at 1100 mV
[ 0.140960] print_constraints: VDD3: 5000 mV
[ 0.142425] print_constraints: VDIG1: at 1800 mV
[ 0.143890] print_constraints: VDIG2: at 1800 mV
[ ...
l***r
Posts: 459
16
From thread: Unix board - one question about syslogd

Thank you. I just check /var/log directory in our system.
There is no messages but syslog. However, syslog is 0 byte.
What's wrong with that? Is that because I am not root? Btw, how
can I check size of a certain file by C/C++? I am poor on C/C++.
m*******m
Posts: 182
17
From thread: Unix board - one question about syslogd

Looks like you are on a Solaris box. It is usually set to be
/var/adm/messages (but you need to double check with /etc/syslog.conf
to make sure), and it is world readable.
m*******m
Posts: 182
18
From thread: Unix board - one question on syslogd again
Do something like what 'tail' does. You can find the source
easily.
l***r
Posts: 459
19
From thread: Unix board - one question on syslogd again
sorry, I don't understand. could you make it clear? thanks.
m*******m
Posts: 182
20
From thread: Unix board - one question on syslogd again
http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.bin/tail/?sortby=author#dirlist
Here are the NetBSD version source codes for tail. You can
write your own simplified version, or you can just use 'tail
-f /var/log/messages' in a script.
c**o
Posts: 166
21
If you are using the default sftp server, you need to check /etc/syslog.conf
to see if there is a line something like
auth.info /var/log/authlog
If not, you need to add it and restart the syslogd daemon.
If your sftp server is not the default server, you need to check the
sshd_config file to see where the log is.
c**y
Posts: 2282
22
520 www-data 20 0 32976 9.8m 3300 S 0.0 8.0 0:06.90 php-cgi
726 mysql 20 0 30288 6364 2820 S 0.0 5.1 0:14.73 mysqld
21716 asterisk -11 0 20904 6112 1928 S 0.0 4.9 1:00.68 asterisk
505 www-data 20 0 28380 1832 104 S 0.0 1.5 0:00.10 php-cgi
22751 www-data 20 0 5688 1748 888 S 0.0 1.4 0:00.05 nginx
22718 root 20 0 3160 1720 1340 S 0.0 1.4 0:00.12 bash
22774 root 20 0 2552 1164 936 R 1.0 0.9 0:00.16 top
22717 root 20 0 2616...
c**y
Posts: 2282
23
This one with the header should look a bit better
top - 18:14:03 up 2 days, 9:48, 1 user, load average: 0.00, 0.02, 0.00
Tasks: 50 total, 1 running, 49 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.3%us, 0.3%sy, 0.0%ni, 99.3%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%
st
Mem: 125732k total, 120400k used, 5332k free, 28324k buffers
Swap: 0k total, 0k used, 0k free, 48532k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
520 www-data 20 0 32976 9.8m 3300 S 0.0 8.0 ...
k****t
Posts: 2288
24
Obtained with top:
Mem: 14888K used, 111788K free, 0K shrd, 444K buff, 8224K cached
CPU: 0% usr 0% sys 0% nic 100% idle 0% io 0% irq 0% sirq
Load average: 0.00 0.03 0.00 2/42 2008
PID PPID USER STAT VSZ %MEM %CPU COMMAND
1849 1842 root S 5616 4% 0% /usr/sbin/asterisk
1841 1 root S 5616 4% 0% /usr/sbin/asterisk
1846 1842 root S 5616 4% 0% /usr/sbin/asterisk
1845 1842 root S 5616 4% 0% /usr/sbin/asterisk
1843 1842 root S 56...