bdb9d91c-878d-4110-8497-cca90955cd7f-image.png

@pete-s said in Centralized Log Management:

Amazon is providing the service, not the software. So they don't need to adhere to GPL and similar licenses.

oh they have to adhere, it's just that the license clearly states that there are no limits on use. So they were adhering perfect.

ELK was upset that they didn't like how the code was being used when run in production and wanted control of the use of their code, not the reading or modification of the code.

@IT-ADMIN said in logrotats vs simple cron job:

by the way you like jesse pinkman yo yo

Ha that's the first time I've heard that.

I can't think of a way aside from cron every X seconds. I'd dump it into a csv file with just the timestamp and the number of calls. E.g.

#!/bin/sh if [ ! -f /var/log/activecalls.csv ]; then echo "Timestamp,Calls" > /var/log/activecalls.csv fi DateTime=`date "+%Y%m%d %H:%M:%S"` echo -ne "\n$DateTime," >> /var/log/activecalls.csv asterisk -x 'core show channels' | grep 'active calls' | cut -d " " -f1

Which SHOULD create a nice csv for you...

Tags added.

@pete-s said in Make MS SQL Server 2014 Log Every Query:

@romo said in Make MS SQL Server 2014 Log Every Query:

@pete-s said in Make MS SQL Server 2014 Log Every Query:

Extended Events

@Pete-S happen to know where the default location of the event files are saved?

I created a new session and I believe it is properly showing the queries ran, but if I try to change the place where the file is logged to is doesn't start, but if I leave the default set I can't find the file!!

I'm not sure the default is actually a file at all, it may be memory buffers.
However it sound like you have a user rights issue. Make sure SQL server is allowed to write to the file where you put it.

Also remember The SQL instance is usually not running with a user context. Generally a system service.

We decided to stick with Wazuh. It runs on CentOS 7 and has a shiny OVA we used to deploy it. So for the purposes of this thread, we have our distro selected. Thanks everyone for the help.

@hobbit666 said in GDPR galore:

Yeah I've been hearing a lot on this GDPR stuff luckily I'm not involved and others in the dept are lol.

But what logs would they need you to collect and store? We don't do this at the moment but if required would like to start looking at solutions. So I'm prepared for the "can you do this and get it installed" lol

Bah. Here in italy they are stressing a lot the access control. And they want centralized lig inspection to check for logins (not necessarily a valid point from a tech perspective but they ask for)

@jmoore said in log.io on Fedora 26 Cannot Fine logging:

Oh ok, that sure is weird.

Just a bit.

@gjacobse said in Windows Nextcloud Client Log file:

Thanks to @scottalanmiller for correcting the issue. I was watching when it was working on it, but sadly do not recall what it was he did.

Rebooted 🙂

hi @mhamed, if you are solved this step i need your help because I'm currently working on same Project .

@scottalanmiller said in SMTP is Email so what is the mail you get from logging?:

@DustinB3403 said in SMTP is Email so what is the mail you get from logging?:

So the alerts are meant to be delievered via SMTP, therefore they are "email files" without the SMTP portion. Hence they are email.

There is no such thing. You can't just call all text files "email". If you do, literally everything is email. So the term is now lost. Go pick up your email from the dry cleaners so you can be home in time to eat your email for dinner.

hahahah I laughed way to hard when I read that on my phone!

A little monitoring goes a long way 🙂

@scottalanmiller The 2nd line I "edited" with a s/o!

@BRRABill said in Graylog Discovery:

@scottalanmiller said in Graylog Discovery:

@BRRABill said in Graylog Discovery:

@scottalanmiller said in Graylog Discovery:

@BRRABill said in Graylog Discovery:

@scottalanmiller said in Graylog Discovery:

@Romo said in Graylog Discovery:

@scottalanmiller said in Graylog Discovery:

Or... learn to work in UTC like the rest of us 😉

Or build your own Graylog server and it doesn't have this issue.

Is there any specific reason for using UTC?

Because it never has a daylight saving problem, it's standard and universal, every system uses it identically, and it is the only option that doesn't play favourites with a region.

So......you just add (say 5, for NY) to everything you see?

Or just work in UTC. In modern international business you always have to adjust the time. Nothing is easier than using UTC which is stable, as a base.

How do you get everyone to play along? Server support? Desktop support? Etc..

You make it a company policy. Times are in UTC. It's pretty easy, you can set desktops through GP or similar. Set servers to UTC. Works like magic. Some people might adjust their own stuff, but if they miss things it's purely a failure on their part that they have no excuse for. In fact, the excuse might be worse than missing things (intentionally breaking policy to not know when to show up.)

Wait, wait...so you expect all your users to also adapt to UTC?

Easier than have them not be able to figure out timezones. It's LESS adaptation, rather than more.

@dafyre said in SysLog Forwarding for XenServer:

@BRRABill said in SysLog Forwarding for XenServer:

I am the new King of Open Source.

H aha ha. How's that?

It's my answer to anything.

Need a new logging server? Open Source!

Need a new XXXXXX? Open Source!

0_1465839373020_chrome_2016-06-13_13-34-50.png

The logging even shows up in different areas for each of the two systems.

My system ends in W7D.

Highlighted to show the target system I want the logs from.