Hello i am relatively new to rsyslog, and i have a file stored here /etc/rsyslog.d/ to tell rsyslog to send log data.
I now have enough data to analyze and would like to stop rsyslog from keep sending log data and waste my bandwidth.
So the question is how can i do this? Will removing the config file in /etc/rsyslog.d/ will simply stop rsyslog from sending the log file ?
Thanks.
Simply removing the file will not stop the logging.
you will have to issue a HUP to the PID of rsyslog.
kill -HUP <RSYSLOG PID>
This causes rsyslog to reread its configuration files in this case minus your config in /etc/rsyslog.d
Related
I want to trigger a desktop notification pop-up when a service is executed with systemd on my Linux desktop. The main reason why I am doing this is that I want to learn how to work with systemd timers and services by creating my own scheduled jobs and I would like to pop-up a desktop notification, when a service/job is executed, just to know that something is happening.
I have created a basic example to do that:
notifysystemd.sh:
#!/bin/bash
# Variable to hold path to systemd job logs
SYSTEMD_LOG_DIR='/home/jay/scheduledJobLogs/systemDJobLogs'
SYSTEMD_JOB_NAME='NotifySystemD'
CURRENT_MONTH=$(date '+%b')
# Send notification to desktop
notify-send 'You can automate and schedule anything with systemd today!'
# Write down in the log
CURRENT_TIME=$(date '+%Y-%m-%d-%H:%M')
LOG_RECORD="${CURRENT_TIME} SystemD notification job executed."
# Create a directory for systemd jobs logging, if it doesn't already exist. And don't error if it does exist
mkdir -p $SYSTEMD_LOG_DIR/$SYSTEMD_JOB_NAME
# Write the log record!
echo $LOG_RECORD >> $SYSTEMD_LOG_DIR/$SYSTEMD_JOB_NAME/$CURRENT_MONTH.txt
with this service file:
notifysystemd.service:
[Unit]
Description=A basic service to send a desktop notification using the systemd scheduler
Wants=notifysystemd.timer
[Service]
Type=forking
ExecStart=/home/jay/systemDJobs/notifysystemd.sh
Environment="DISPLAY=:0" "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u)/bus" "XAUTHORITY=/home/jay/.Xauthority"
[Install]
WantedBy=default.target
and this timer file:
notifysystemd.timer:
[Unit]
Description=Send a notification three minutes after PC start
RefuseManualStart=false # Allow manual starts
RefuseManualStop=false # Allow manual stops
[Timer]
#Execute job if it missed a run due to machine being off
Persistent=true
OnBootSec=180
#File describing job to execute
Unit=notifysystemd.service
[Install]
WantedBy=timers.target
The service is executed correctly with the correct delay (I can see that in the log created), but I am getting no desktop notification.
I have looked into several questions already asked on this forum:
systemd service not executing notify-send
notify-send command doesn't launch the notification through systemd service
Which suggest specifying environment variables in either the .service file or in the shell script.
I have tried all of them and none led to a notification appearing.
I have done the same with cronie, where was sufficient to specify the DISPLAY and DBUS_SESSION_BUS_ADDRESS environement variables the same way as I did in the notifysystemd.service file.
Lastly, if there is a better way how to achieve the same result, but which revolves around usage of systemd, I am opened to optimal, or more ergonomic solutions.
In systemd instead of notify-send put the output in a file.
Write a bash script and start it on desktop login (so this script can notify-send).
In the script write an endless loop.
Use inotifywait in the loop to monitor the output file for modification.
(This will suspend your script and won't eat cpu)
After inotify, read the content of the file and use notify-send.
We have a node.js application running as a daemon on a Linux (Yocto) gateway, but I see no trace from the application in the /var/log/syslog file. What would I have to do to include all console.log (stdout) messages into the syslog file?
I suspect this is not a development question and would be better on Superuser or other site.
But anyway.
You can pipe the output of the program through a program called logger which will copy all of its input into the log socket.
Or you could use a version of Linux that uses systemd and journald. The systemd log system will copy all stdout and stderr into its journal log.
Or you can use your own log file (not /var/log/syslog) and redirect the daemon's output into that file.
How to send a message to rsyslog deamon programmatically (from a custom program)?
In the syslog there are openlog...syslog...closelog functions available. But how can i do it in case of rsyslog?
rsyslog is a central log program.
You could cat /etc/rsyslog.conf to watch how your rsyslog is configured.
Default configuration use imuxsock and imjournal.
imuxsock module actually listen like /dev/log or /run/systemd/journal/syslog. This means you could use syslog(3) man 3 syslog or cmd logger 123 to write log into /var/log/messages.
imjournal means rsyslog read log from systemd-journald(/var/log/journal/$(uuid)/*.journal. You could use sd-journal(3) api or journal cmd like echo 123 | systemd-cat to write to journal, and then rsyslog read log from it. you can see journal with journalctl -e to see the newest journal.
I tried to search this in many places and also documents/man pages of openlog(), syslog(0, rsyslogd(8) but couldn't find answer for this.
My question is, if rsyslogd is stopped or not yet started, then do the new syslog messages get lost? Or rsyslogd fetches them from /dev/log later when it's enabled?
My test is:
On a running system, rsyslog is running. Now, do the following:
logger -p local7.notice "my custom message1"
grep message1 | /var/log/messages ----> Success
Stop rsyslogd process
logger -p local7.notice "My other custom message2"
now, start the rsyslogd daemon
grep message2 | /var/log/messages ----> FAIL
I understand from openlog(3) and syslog(3) man pages that a socket is opened for /dev/log file and if there is an error while sending the message to syslog (as rsyslogd is not running) then the connection is closed (and message is printed on console/stderror if you have used LOG_CONS/LOG_PERROR).
Could anybody please tell me:
Is there any way rsyslogd to get all those messages came in absence of it in syslog file when it comes up?
If not by default, is there any syscall, command,etc.etc.way to do that??
Thank you in advance.
-Neo
It won't happen by default. You can use the 'cat' command and pipe it to logger to get them in, though. Something like the following should work.
cat your.log | logger -n yourserver
You can also use the 'tail' command similarly to 'cat'.
I am planning to run multiple processes using supervisor and please find my supervisord.conf file below:
[supervisord]
[program:bash]
command=xyz
stdout_logfile =/tmp/bash.log
redirect_stderr=true
[supervisorctl]
serverurl=unix:///tmp/supervisor.sock
[unix_http_server]
file=/tmp/supervisor.sock ; path to your socket file
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
I wish to redirect the stdout of the process named bash to supervisor console so that when i start supervisor using
/usr/bin/supervisord
command, i could see the child process logs. How can i do this ? I tried putting syslog for stdout_logfile attribute but it did not work.
You can redirect the program's stdout to supervisor's stdout using the following configuration options:
stdout_logfile=/dev/fd/1
stdout_logfile_maxbytes=0
Explanation:
When a process opens /dev/fd/1 (which is the same as /proc/self/fd/1), the system actually clones file descriptor #1 (stdout) of that process. Using this as stdout_logfile therefore causes supervisord to redirect the program's stdout to its own stdout.
stdout_logfile_maxbytes=0 disables log file rotation which is obviously not meaningful for stdout. Not specifying this option will result in an error because the default value is 50MB and supervisor is not smart enough to detect that the specified log file is not a regular file.
For more information:
http://veithen.github.io/2015/01/08/supervisord-redirecting-stdout.html