From: Jim Klimov <[email protected]> > ...or servers/services/scripts do their own logging. In the latter case, > crontab logs (/var/cron/log) and SMF logs (/var/svc/log/*) might be of > interest. > But for an automated solution I'd parse syslog setup as well as setups > of log-rotation utilities (if the OS or admin cared to set up certain > logs there, it is likely they exist and may contain useful data).
It is a standard new install, zfs pools, plus started: IPMI, NTP, NFS I have the default syslog.conf: *.err;kern.debug;daemon.notice;mail.crit /var/adm/messages mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost) user.err /var/adm/messages I know where the logs are for: - cron => /var/log/cron - inetd / compiled nrpe => /var/log/syslog - packaged Lighttpd + compiled php => own log files I guess the server is too passive to log much stuff right now. Ok, I downloaded the latest logwatch and tried to install it... and I guess badly failed (with such gems as "README installed as /etc/rc2.d/README"): # sh install_logwatch.sh ################################# Preparing to install Logwatch Enter the path to the Logwatch BaseDir [/usr/share/logwatch] : ### Using /usr/share/logwatch Enter the path for the Logwatch ConfigDir [/etc/logwatch] : ### Using /etc/logwatch Enter the dir name to be used for temp files [/var/cache/logwatch] : ### Using /var/cache/logwatch Enter the location of perl [/usr/bin/perl] : ### Using /usr/bin/perl Enter the dir name to used for the manpage [/usr/share/man] : ### Using /usr/share/man ### Installing directory /usr/share/logwatch created directory /usr/share/logwatch/dist.conf created directory /usr/share/logwatch/dist.conf/logfiles created directory /usr/share/logwatch/dist.conf/services created directory /usr/share/logwatch/default.conf created directory /usr/share/logwatch/default.conf/logfiles created directory /usr/share/logwatch/default.conf/services created directory /usr/share/logwatch/default.conf/html created directory /usr/share/logwatch/scripts created directory /usr/share/logwatch/scripts/logfiles created directory /usr/share/logwatch/scripts/services created directory /usr/share/logwatch/scripts/shared created directory /usr/share/logwatch/lib created find: stat() error /usr/share/logwatch/README: No such file or directory README installed as /etc/rc2.d/README find: stat() error /usr/share/logwatch/HOWTO-Customize-LogWatch: No such file or directory find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: HOWTO-Customize-LogWatch was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: ignore.conf was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: autorpm.conf was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: afpd.conf was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: footer.html was not found anywhere! find: stat() error /usr/share/logwatch/scripts/logwatch.pl: No such file or directory find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: logwatch.pl was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/autorpm created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/cron created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/emerge created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/samba created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/up2date created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/xferlog created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! directory /usr/share/logwatch/scripts/logfiles/yum created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applydate was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: applybinddate was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: afpd was not found anywhere! find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: Logwatch.pm was not found anywhere! directory /etc/logwatch created directory /etc/logwatch/scripts created directory /etc/logwatch/scripts/services created directory /etc/logwatch/conf created directory /etc/logwatch/conf/logfiles created directory /etc/logwatch/conf/services created directory /etc/logwatch/conf/html created directory /var/cache/logwatch created find: cycle detected for /lib/32/ find: cycle detected for /lib/crypto/32/ find: cycle detected for /lib/secure/32/ find: cycle detected for /usr/lib/secure/32/ find: cycle detected for /usr/lib/lwp/32/ find: cycle detected for /usr/lib/link_audit/32/ find: cycle detected for /usr/lib/32/ find: cycle detected for /usr/lib/elfedit/32/ install: logwatch.8 was not found anywhere! Created symlink for /usr/sbin/logwatch You need to setup your cron job for logwatch, something like 2 0 * * * /usr/share/logwatch/scripts/logwatch.pl >/dev/null 2>&1 So I tried to clean up the mess, and did a manual install through trial and errors. Basicaly, for now I get a summary of cron entries, plus a df... but it does not want to send it by mail yet. So, nobody uses logwatch or any equivalent...? Do you just go check the logs on each servers or do you syslog them to a remote log server? JD _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
