-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: syslog-summary Version: 1.12
When syslog-summary is run on a syslog file it nukes the dates and PIDs from the log entries, as in the following example: Raw log fragment: Oct 11 07:36:48 nestie syslogd 1.4.1#10: restart. Oct 11 07:36:48 nestie anacron[16978]: Job `cron.daily' terminated (exit status: 1) (mailing output) Oct 11 07:37:04 nestie identd[17356]: started Oct 11 07:37:04 nestie anacron[16978]: Normal exit (1 jobs run) Oct 11 07:38:02 nestie /USR/SBIN/CRON[17384]: (mail) CMD ( if [ -x /usr/sbin/exim -a -f /etc/exim/exim.conf ]; then /usr/sbin/exim -q ; fi) Oct 11 07:39:01 nestie /USR/SBIN/CRON[17402]: (pigeon) CMD (ping -c 4 195.40.1.36 > /dev/null 2>&1 || ssh stunted 'touch /tmp/pingdontwork'^I) Oct 11 07:40:01 nestie /USR/SBIN/CRON[17417]: (pigeon) CMD (/home/pigeon/bin/fprcpics 2>/dev/null) Oct 11 07:45:01 nestie /USR/SBIN/CRON[17504]: (root) CMD (/root/bin/update-resolv.conf) Oct 11 07:50:01 nestie /USR/SBIN/CRON[17570]: (pigeon) CMD (/home/pigeon/bin/fprcpics 2>/dev/null) Oct 11 07:51:54 nestie dhttpd[17621]: Request from 70.34.169.178: GET /pigeons_nest_website_images/quantum-weirdness.png HTTP/1.1 Oct 11 07:51:54 nestie dhttpd[17621]: File: /var/www/pigeons_nest_website_images/quantum-weirdness.png Oct 11 07:51:54 nestie dhttpd[17621]: Status: 0 (OK) Oct 11 07:51:54 nestie dhttpd[17621]: Referer: http://pigeon.dyndns.org/stuff/macroscopic-quantum-phenomena.html Oct 11 07:51:54 nestie dhttpd[17621]: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) Output of "syslog-summary fragment": Summarizing syslog 0 Lines skipped (already processed) 0 Patterns to ignore 0 Ignored lines 1 nestie syslogd 1.4.1#10: restart. 1 nestie anacron: Job `cron.daily' terminated (exit status: 1) (mailing output) 1 nestie identd: started 1 nestie anacron: Normal exit (1 jobs run) 1 nestie /USR/SBIN/CRON: (mail) CMD ( if [ -x /usr/sbin/exim -a -f /etc/exim/exim.conf ]; then /usr/sbin/exim -q ; fi) 1 nestie /USR/SBIN/CRON: (pigeon) CMD (ping -c 4 195.40.1.36 > /dev/null 2>&1 || ssh stunted 'touch /tmp/pingdontwork'^I) 2 nestie /USR/SBIN/CRON: (pigeon) CMD (/home/pigeon/bin/fprcpics 2>/dev/null) 1 nestie /USR/SBIN/CRON: (root) CMD (/root/bin/update-resolv.conf) 1 nestie dhttpd: Request from 70.34.169.178: GET /pigeons_nest_website_images/quantum-weirdness.png HTTP/1.1 1 nestie dhttpd: File: /var/www/pigeons_nest_website_images/quantum-weirdness.png 1 nestie dhttpd: Status: 0 (OK) 1 nestie dhttpd: Referer: http://pigeon.dyndns.org/stuff/macroscopic-quantum-phenomena.html 1 nestie dhttpd: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) This behaviour makes analysis of the log file a somewhat futile process. It is the behaviour seen when SYSLOGSUMMARY=1 is set in /etc/logcheck/logcheck.conf for default installations of logcheck and syslog-summary. Versions of packages syslog-summary depends on: python2.2: 2.2.3dfsg-2sarge1 Other information: libc6: 2.3.2.ds1-22sarge3 Kernel: Linux schnellbox 2.6.16schnellbox.raid.highmem.acpischnellbox.raid.highmem.acpi #1 PREEMPT Sun May 28 15:50:52 BST 2006 i686 GNU/Linux - -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFFLaa7UxADjyHGH38RApNQAJ4rUD8DQgaqjMOxvIhs2aiAAt0fIwCgnz0C aGY4iCNTu34GYxhH0dyhsYc= =lIv8 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
