Re: way to duplicate logs?

• Previous message: Bob Ababurko: "way to duplicate logs?"
• In reply to: Bob Ababurko: "way to duplicate logs?"
• Next in thread: Nielsen: "Re: way to duplicate logs?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 10 Dec 2004 16:49:40 -0800
To: Bob Ababurko <ababurko@adelphia.net>

> I am bit confused here. I have just had some issues with my box and I
> am looking for some opinions. I just had been denied access to my
> box...supposedly from a memory shortage in reference to my NIC....more
> specifically, mbuf clusters exhausted. Now I am looking in my
> /var/log/messages for when this started and I notice a discrepancy in my
> logs. Now from where I am looking, I see time in the logs go backwards.
> You can see it as soon as the box is rebooted. Is there an explanation
> for this?

it could be that your BIOS time is conflicting with freebsd's - during
your install did you select "YES" for "Does your BIOS keep track of
time?" or whatever the question is...

> The date on the box should not have changed during that reboot, as it
> was in sync with ntp and still is.

are you sure ntp is running?
  to check: root@box[~]% \ps -waux | grep ntp

> Also, is there a way to make more than one copy of these logs?....I am
> not sure how this is set up and but I would like to possibly have
> another set of logs in place so if someone is editing them, I can catch
> it. I know there is a chance that I may be overreacting., but just in
> case I want to know.

you can setup another machine to receive logs:
  http://isber.ucsb.edu/~randall/instructions/loghost/

or just % man 5 syslog.conf

  -randall

-- 
       randall s. ehren       :// 805.893.5632
        systems administrator :// isber.ucsb.edu
         institute for social, behavioral, and economic research
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Bob Ababurko: "way to duplicate logs?"
• In reply to: Bob Ababurko: "way to duplicate logs?"
• Next in thread: Nielsen: "Re: way to duplicate logs?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Testing NTP on Win2003 ... time-related warnings or errors in the logs, and Windows computers are ... syncing their time. ... How can I tell if the DC is listening and responding to NTP ... (microsoft.public.windows.server.networking) Netgear FR114P Time Checks ... When looking at the logs I see ... the following entries every 2 hours: ... NTP is a time check. ... resolves to time.nist.gov which is the ... (comp.security.firewalls) dedicated ntp log ... I've got a 5.3 box that is getting it's time via ntp and setting it onboot ... via ntpdate. ... The logs of this activity are being tored in /var/log/messages, ... (comp.unix.bsd.freebsd.misc) Re: Winter Forecast ... This posting expresses the personal view and opinions of the author. ... He he thanks Jon. ... logs and stacking them like crazy, whispers then started, " Will (you know the ... (uk.sci.weather) Re: Sound of chain saws in Haytor ... This posting expresses the personal view and opinions of the author. ... Something which everyone on this planet should be able to do. ... The chain saws are going in Haytor. ... People are sawing up logs for ... (uk.sci.weather)