[rsyslog-notify] Forum Thread: Re: Facility and Severity tabs not posting - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Mon Jun 15 21:32:58 CEST 2015
User: satya1225
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25699#p25699
Message:
----------
Hi,
The last two lines of my config file is like blow.
$template DynaFile, "/var/log/servers/system-%HOSTNAME%.log"
*.* -?DynaFile;RSYSLOG_TraditionalFileFormat
Kindly find the latest lines of output from the log file below.
[root at sgxhydsyslog servers]# tail -25 system-sgxhydsyslog.log
Jun 16 00:53:45 sgxhydsyslog sshd[1647]: reverse mapping checking
getaddrinfo for sbsasupport.sgxhyd.local [192.168.8.51] failed - POSSIBLE
BREAK-IN ATTEMPT!
Jun 16 00:53:49 sgxhydsyslog sshd[1647]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=192.168.8.51 user=root
Jun 16 00:53:51 sgxhydsyslog sshd[1647]: Failed password for root from
192.168.8.51 port 62077 ssh2
Jun 16 00:53:55 sgxhydsyslog sshd[1647]: Accepted password for root from
192.168.8.51 port 62077 ssh2
Jun 16 00:53:55 sgxhydsyslog sshd[1647]: pam_unix(sshd:session): session
opened for user root by (uid=0)
Jun 16 00:59:37 sgxhydsyslog kernel: Kernel logging (proc) stopped.
Jun 16 00:59:37 sgxhydsyslog rsyslogd: [origin software="rsyslogd"
swVersion="5.8.10" x-pid="955" x-info="http://www.rsyslog.com"] exiting on
signal 15.
Jun 16 00:59:37 sgxhydsyslog kernel: imklog 5.8.10, log source = /proc/kmsg
started.
Jun 16 00:59:37 sgxhydsyslog rsyslogd: [origin software="rsyslogd"
swVersion="5.8.10" x-pid="1695" x-info="http://www.rsyslog.com"] start
Jun 16 00:59:54 sgxhydsyslog sshd[1706]: reverse mapping checking
getaddrinfo for sbsasupport.sgxhyd.local [192.168.8.51] failed - POSSIBLE
BREAK-IN ATTEMPT!
Jun 16 00:59:57 sgxhydsyslog sshd[1706]: Accepted password for root from
192.168.8.51 port 62217 ssh2
Jun 16 00:59:57 sgxhydsyslog sshd[1706]: pam_unix(sshd:session): session
opened for user root by (uid=0)
Jun 16 01:00:01 sgxhydsyslog CROND[1729]: (root) CMD (/usr/lib64/sa/sa1 1
1)
Jun 16 01:00:14 sgxhydsyslog kernel: Kernel logging (proc) stopped.
Jun 16 01:00:14 sgxhydsyslog rsyslogd: [origin software="rsyslogd"
swVersion="5.8.10" x-pid="1695" x-info="http://www.rsyslog.com"] exiting on
signal 15.
Jun 16 01:00:14 sgxhydsyslog kernel: imklog 5.8.10, log source = /proc/kmsg
started.
Jun 16 01:00:14 sgxhydsyslog rsyslogd: [origin software="rsyslogd"
swVersion="5.8.10" x-pid="1743" x-info="http://www.rsyslog.com"] start
Jun 16 01:01:01 sgxhydsyslog CROND[1757]: (root) CMD (run-parts
/etc/cron.hourly)
Jun 16 01:01:01 sgxhydsyslog run-parts(/etc/cron.hourly)[1757]: starting
0anacron
Jun 16 01:01:01 sgxhydsyslog anacron[1768]: Anacron started on 2015-06-16
Jun 16 01:01:01 sgxhydsyslog run-parts(/etc/cron.hourly)[1770]: finished
0anacron
Jun 16 01:01:01 sgxhydsyslog run-parts(/etc/cron.hourly)[1757]: starting
mcelog.cron
Jun 16 01:01:01 sgxhydsyslog anacron[1768]: Jobs will be executed
sequentially
Jun 16 01:01:01 sgxhydsyslog anacron[1768]: Normal exit (0 jobs run)
Jun 16 01:01:01 sgxhydsyslog run-parts(/etc/cron.hourly)[1785]: finished
mcelog.cron
More information about the rsyslog-notify
mailing list