[rsyslog-notify] Forum Thread: Re: demolish the syslog system - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Wed Dec 2 07:43:29 CET 2015
User: venember
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26216#p26216
Message:
----------
Thank you.
I think that if somebody goes to war he should better do not assemble his
weapon on the battleground... the better solution is to carry a working
one with him.
Apparently the only one mainly error-free logging procedure the journal. It
seems that the SuSE do not support legacy logging systems and/or not tested
their distribution on legacy systems at all.
They also built up an industrial-wide policykit system which wrote over the
root privileges at the beginning... I could not reboot the system by remote
firstly...
But if somebody deletes the polkit, it erases the desktop system also... it
is a tragedy.
The machine is on the battleground. The third solution that I will build up
a homemade log and defense system using journald and some other basic log
files... ridiculous and disastrous.
I was trying the second way and the system logging stopped twice because of
the disk was full. The /var space is 200GB... and the mail and fail2ban did
not log at all. And at the end the journald freezes with errors... I was
trying a lot and I learned a lot about rsyslog via my mistakes... I will
try the imjournal (I have not heard about it till now) maybe it helps...
More information about the rsyslog-notify
mailing list