root@monitor:/opt/observium# service syslog-ng restart
Stopping system logging: syslog-ng.
Starting system logging: syslog-ngsyslog-ng: Error setting capabilities, capability management disabled; error='Operation not permitted'
root@monitor:/opt/observium# uname -a
Linux monitor 2.6.32-042s
使用sudo service ssh status,我们可以得到日志的输出,例如
Jul 16 07:35:50 Linux sshd[1426235]: Disconnected from invalid user root 111.111.111.111 port 59242 [preauth]
Jul 16 07:38:50 Linux sshd[1429104]: User root not allowed because account is locked
我很难理解这是从哪里来的。我的sshd配置设置为登录到SysLogFacility AUTH。
service只是解析syslo
在编译glibc 2.11时,我得到了以下错误。有没有办法解决这个问题。
In file included from ../sysdeps/unix/sysv/linux/syslog.c:10:
../misc/syslog.c: In function ‘__vsyslog_chk’:
../misc/syslog.c:123: sorry, unimplemented: inlining failed in call to ‘syslog’: function body not available
../misc/syslog.c:155: sorry, unimplemented: c
我需要使用cpp将日志发送到syslog server。可以在网络中的same machine或different machine上配置Syslog server。windows or linux machine上可能存在系统日志服务器。有没有什么third party库可以用来将日志转发到syslog服务器?Cpp将是我编写代码的首选。如果没有第三方库,哪种选择更好?
我在/etc/rsyAdd.1-.conf中有这两个参数
$ModLoad imjournal # provides access to the systemd journal
...
# Turn off message reception via local log socket;
# local messages are retrieved through imjournal now.
$OmitLocalLogging on
我在SELinux上遇到了问题,Rsyslog记录了以下内容:
Jun 6 10:53:14 vpod1-logm-front-3 rsyslogd: fope