Date: Wed, 29 Jun 2005 15:05:27 -0500 From: James Riendeau <jtriende@wisc.edu> To: "Dixit, Viraj" <Viraj.Dixit@CityofPaloAlto.org>, freebsd-questions@freebsd.org Subject: Re: Logging Stops after few minutes Message-ID: <BEE86937.87F3%jtriende@wisc.edu> In-Reply-To: <A3114C5FA7BA8E4B8F20A198F89917503E76B4@xiris.staff.copa>
next in thread | previous in thread | raw e-mail | index | archive | help
First let's be sure that syslogd is not logging at all. Try this: $ sudo tail -n10 /var/log/messages Enter your password $ su Enter anything (an incorrect password) $ sudo tail -n10 /var/log/messages If the somewhere in the last few lines of the messages log you see a message that there was a "BAD SU" attempt, syslogd is working fine. Then we have to look at the syslog settings for ftp (or whatever isn't logging). If that didn't work, just for kicks try stopping syslogd if it's running (started), moving it to .old, and rebuilding a replacement. (Hopefully this is typo-free) # /etc/rc.d/syslogd stop # mv /usr/sbin/syslogd /usr/sbin/syslogd.old # cd /usr/src/usr.sbin/syslogd # make # make install # /etc/rc.d/syslogd start Note that you will probably have to do make and make install as two separate commands (without a clean). That may or may not do anything useful. If it does, you might want to do some hard drive checks to make sure things are in good order. Also, I trust that you are using /etc/rc.d/ to start and stop system processes. If that doesn't work, what does: ps -waux | grep syslogd Output? Also, if possible, send me a copy of the /etc/syslog.conf file. James Riendeau MMI Computer Support Technician 1300 University Ave Rm. 436, Dept. of MedMicro Madison, WI 53706 Phone: (608) 262-3351 After-hours Phone: (608) 260-2696 Fax: (608) 262-8418 Email: jtriende@wisc.edu - On 6/29/05 1:28 PM, "Dixit, Viraj" <Viraj.Dixit@CityofPaloAlto.org> wrote: > Sorry! Didn't mean to be snappy, I thank you for your level head. Basically, > this is what is happening the syslog.conf file has the line for all.log to be > activated in the directory I chose, which is /usr/log. I know for certain that > if I stop and restart the syslogd daemon, it will start writing to all.log and > then after few minutes, it will stop and that is it. I have my FTPD daemon > setup to record all FTP activity but that is not happening. Please tell me > running FTPD as daemon is not the cause or should I run FTP as a service. I > have a lot of load due to FTP. Thanks for your help!!! > VJ > > -----Original Message----- > From: James Riendeau [mailto:jtriende@wisc.edu] > Sent: Wednesday, June 29, 2005 11:19 AM > To: Dixit, Viraj; freebsd-questions@freebsd.org > Subject: Re: Logging Stops after few minutes > > Whoa now. No need for us all to get snappy. Bottom line, what you posted > isn't much help, and without knowing anything about your system/setup, it's > very difficult to offer solutions. > > First things first, are you sure that syslogd stops working after only 2 > minutes? Syslogd only chews on the processor when it has something to do. > Showing up as only running for 2 minutes when you run ps shouldn't be a > concern; that is the total CPU time and syslogd doesn't need much time to > get the job done on most systems. > > If you're certain that it isn't logging events that it should: did you make > ever make any modifications to /etc/syslog.conf? If so, comment out (put a > # at the start of the line) the lines with the most recent changes. Restart > syslogd. If it works, uncomment out one line and restart syslogd. Keep > doing that until you narrow down what causes syslog to suspend operations. > Let us know if you find out anything. > > > James Riendeau > MMI Computer Support Technician > 1300 University Ave > Rm. 436, Dept. of MedMicro > Madison, WI 53706 > > Phone: (608) 262-3351 > After-hours Phone: (608) 260-2696 > Fax: (608) 262-8418 > Email: jtriende@wisc.edu > > > On 6/29/05 12:55 PM, "Dixit, Viraj" <Viraj.Dixit@CityofPaloAlto.org> wrote: > >> Well, I will disregard your harsh comments. What I am trying to do is have >> all >> my FTP activity be logged in all.log. If you look at my FTP command it should >> be logging whole lot of information and my syslogd command should allow >> syslogd to continue writing without any delay. As for cron command, that just >> got copied with the rest. If you think what I pasted is meaningless, your >> common sense should have given you an indication to what I am looking for, >> just read the heading. Thank You!! >> VJ >> >> -----Original Message----- >> From: fbsd_user [mailto:fbsd_user@a1poweruser.com] >> Sent: Wednesday, June 29, 2005 10:36 AM >> To: Dixit, Viraj; freebsd-questions@freebsd.org >> Subject: RE: Logging Stops after few minutes >> >> That's all very nice, but how about a explanation of >> what your are trying to do with logging and what >> cron has to do with things. >> >> With no background info what you posted is meaningless. >> >> -----Original Message----- >> From: owner-freebsd-questions@freebsd.org >> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Dixit, >> Viraj >> Sent: Wednesday, June 29, 2005 12:53 PM >> To: freebsd-questions@freebsd.org >> Subject: Logging Stops after few minutes >> >> >> >> >> I have been trying to find out why my system stops recording in the >> log files after few minutes. It will log if restart my syslogd >> daemon but then stops recording. I am pasting the commands and all >> relevant information below. Please advise, I need the log >> information!!! Thanks, >> VJ >> >> 8127 ?? Ss 0:02.23 /usr/sbin/syslogd -m 0 >> >> 24667 ?? Is 0:13.76 /usr/sbin/cron >> 61326 ?? Is 0:13.26 /usr/libexec/ftpd -D -l -l >> >> gatekeeper# cd /usr/log >> gatekeeper# ls -l >> total 0 >> -rw-r--r-- 1 root wheel 0 Jun 17 12:37 all.log >> -rw-r--r-- 1 root wheel 0 Jun 15 11:43 messages >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BEE86937.87F3%jtriende>