similar to: Suggestion for logging documentation (syslog-ng example)

Hi Tom and list, Still trying to set up Shorewall logging. I understand that Shorewall require syslog to get logging working, however I have metalog. Is this possible to use metalog as logging facility for Shorewall? I was reading http://www.shorewall.net/shorewall_logging.html and it describes other method ( ULOG ). I understand that I have to compile ULOG support in the kernel... where do I

Hi all! Is anybody here using rsyslog? I am looking for the right solution how to use rsyslog in CentOS 5 as the default logging daemon. We use it because of filtering using regular expressions. I switched from sysklogd to rsyslog simply using chkconfig --del syslog chkconfig --add rsyslog chkconfig rsyslog on service syslog stop service rsyslog start but this seems not to be

Source: xen Severity: grave Tags: security Hi, the following security issues apply to Xen in jessie: CVE-2014-5146,CVE-2014-5149: https://marc.info/?l=oss-security&m=140784877111813&w=2 CVE-2014-8594: https://marc.info/?l=oss-security&m=141631359901060&w=2 CVE-2014-8595: https://marc.info/?l=oss-security&m=141631352601020&w=2 Cheers, Moritz

Source: xen Severity: grave Tags: security The following security issues are still open in 4.4.0-1: Xen Security Advisory CVE-2014-2599 / XSA-89 https://marc.info/?l=oss-security&m=139643934717922&w=2 Xen Security Advisory CVE-2014-3124 / XSA-92 https://marc.info/?l=oss-security&m=139894169729664&w=2 Xen Security Advisory CVE-2014-3967,CVE-2014-3968 / XSA-96

On Wed, Nov 19, 2014 at 11:45:02PM +0100, Moritz Muehlenhoff wrote: > Source: xen > Severity: grave > Tags: security > > Hi, > the following security issues apply to Xen in jessie: > > CVE-2014-5146,CVE-2014-5149: > https://marc.info/?l=oss-security&m=140784877111813&w=2 > > CVE-2014-8594: >

hello logging is not working as i exspect it. i am not sure if this is due to a but or a misunderstanding on my part. i use shorewall 2.0.4 and for logging metalog 0.8. the problem is that new connections of certain (most) types don''t get logged. when i browse for example i see such: ---------------------------------------------------------------------- Dec 3 15:49:12 [kernel]

Hello, My entry for newsyslog in /etc/crontab is: 0 * * * * root newsyslog -t \%Y-\%m-\%d_\%H:\%M And I get: newsyslog: Could not convert time string to time value: No such file or directory I try to use the newsyslog from head to to avail. This solution was working a month ago (see Revision 248776) My file system is zfs version 28. Henri

Hi, I have a legal requirement to log all connections and I will use ULOG to log all ACCEPTED conenctions. However it is so much easier to look at text log file compared to binary log file. So I would like to log DROPPED/REJECTED packets with SYSLOG for rule testing/debuging purposes. Is it possible to use both ULOG for ACCEPTED packets and SYSLOG for DROPPED packets? Thank you for your help.

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Denial of service attack in syslogd Advisory ID: RHSA-1999:055-01 Issue date: 1999-11-19 Updated on: 1999-11-19 Keywords: syslogd sysklogd stream socket Cross references: bugtraq id #809 --------------------------------------------------------------------- 1. Topic: A

Hello Puppet Users, The following is the result of my first attempt to create a useful component definition of something I wanted Puppet to manage. Instead of just copying over "precompiled" syslog.conf files, I thought it would be more useful if I could specify the elements of the syslog.conf file. (Ultimately, I think this should be defined as a type.) I hit a few hurdles and I

Hi, This advisory has a bit more than the Red Hat one.... Roger. ----- Forwarded message from Alfred Huger ----- >>From owner-bugtraq@SECURITYFOCUS.COM Mon Nov 22 18:49:41 1999 Approved-By: aleph1@SECURITYFOCUS.COM Message-ID: <Pine.GSO.4.10.9911220906250.11753-100000@www.securityfocus.com> Date: Mon, 22 Nov 1999 09:08:08 -0800 X-Reply-To: Alfred Huger

___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

Dear list! I have a little problem, trying to enable logging of deny rule. I have enabled it via kernel: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=3 It is ipfw2. After that, my inten- tion was to use syslogd and !ipfw *.* /var/log/ipfw.log and newsyslog with /var/log/ipfw.log 600 3 100 * J In rc.conf I have firewall_enable="YES"

Greetings list-members! I''m a puppet newb and I''m trying to write a recipe that replaces the standard Redhat sysklogd with syslog-ng. I do this to separate shorewall-generated iptables log messages from / var/log/messages into a separate log. I have something that works now but it spews warnings every time puppetd runs on the client. The outline of what I wanted was to

Another from Bugtraq. I've also forwarded this one on to our contact at Red Hat (Stephen Smoogen) and he tells me it's in their QA currently. Dan _______________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National Accelerator

I'm noticing something strange on two of my machines.. They're both 4.7-RELEASE-p3 i386 and they've both been up 150 days without any problems... /var/log/messages on each system contains only: Jun 9 12:00:01 in newsyslog[60291]: logfile turned over dmesg's output is truncated.. it periodically changes, but currently it reads: ite.net host=6532251hfc207.tampabay.rr.com

Using FreeBSD-7.2, I am attempting to configure the system newsyslog utility to rotate the dovecot.log file. I would prefer to use the system utility rather than the one described on the dovecot wiki for rotating the file. Unfortunately, it is not working. This is the error message that is spawned: newsyslog: illegal signal number in config file: /var/log/dovecot.log root:wheel 0666 1 *

sysklogd in RH4.2 always opens a UDP listen socket, even when -r is not specified on the command line. It doesn''t check the file descriptor when -r is off though, but the behaviour still irritates the system administrator greatly (see also the recent bugtraq messages about this). Here is a patch to fix this: --- sysklogd-1.3/syslogd.c-o Wed Sep 3 22:19:26 1997 +++

Hi All, This has to be something simple....but it's really busting my chops. We have a PXE boot server that is used for initial installation of a number of operating systems and it works well. However the CentOS 5.1 x86_64 install is seriously broken. We've made the PXE boot images available from "centos/5/os/x86_64/images/pxeboot/" in the tftp boot etc. We've rsynced

Ok, I can't quite figure out how to make this work. I want to simultaneously log everything for facility local5 in a local file and a remote syslog-ng server. local7 is working fine getting the boot.log log entries transferred over to the syslog-ng server, but not so much with local5. Local logging of local5.* on the client is working fine now. SERVER: /etc/syslog-ng/syslog-ng.conf