public inbox for gentoo-doc-cvs@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-doc-cvs] gentoo commit in xml/htdocs/doc/en: logcheck.xml metadoc.xml
@ 2010-07-13 20:29 Joshua Saddler (nightmorph)
  0 siblings, 0 replies; 2+ messages in thread
From: Joshua Saddler (nightmorph) @ 2010-07-13 20:29 UTC (permalink / raw
  To: gentoo-doc-cvs

nightmorph    10/07/13 20:29:06

  Modified:             metadoc.xml
  Added:                logcheck.xml
  Log:
  add a new guide on logcheck, thanks to phajdan.jr. bug 322223.

Revision  Changes    Path
1.233                xml/htdocs/doc/en/metadoc.xml

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/metadoc.xml?rev=1.233&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/metadoc.xml?rev=1.233&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/metadoc.xml?r1=1.232&r2=1.233

Index: metadoc.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/metadoc.xml,v
retrieving revision 1.232
retrieving revision 1.233
diff -u -r1.232 -r1.233
--- metadoc.xml	13 Jul 2010 20:20:54 -0000	1.232
+++ metadoc.xml	13 Jul 2010 20:29:06 -0000	1.233
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE metadoc SYSTEM "/dtd/metadoc.dtd">
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/metadoc.xml,v 1.232 2010/07/13 20:20:54 nightmorph Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/metadoc.xml,v 1.233 2010/07/13 20:29:06 nightmorph Exp $ -->
 <metadoc lang="en">
-  <version>1.154</version>
+  <version>1.155</version>
   <members>
     <lead>neysx</lead>
     <member>cam</member>
@@ -375,6 +375,7 @@
     <file id="openrc-migration">/doc/en/openrc-migration.xml</file>
     <file id="multipath">/doc/en/multipath.xml</file>
     <file id="bind-guide">/doc/en/bind-guide.xml</file>
+    <file id="logcheck">/doc/en/logcheck.xml</file>
     <file id="devmanual">/proj/en/qa/devmanual.xml</file>
   </files>
   <docs>
@@ -1106,5 +1107,8 @@
     <doc fileid="texlive-migration-guide">
       <memberof>upgrade</memberof>
     </doc>
+    <doc fileid="logcheck">
+      <memberof>sysadmin_specific</memberof>
+    </doc>
   </docs>
 </metadoc>



1.1                  xml/htdocs/doc/en/logcheck.xml

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/logcheck.xml?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/logcheck.xml?rev=1.1&content-type=text/plain

Index: logcheck.xml
===================================================================
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
<!-- $Header $ -->

<guide>
<title>Logcheck Guide</title>

<author title="Author">
  <mail link="phajdan.jr"/>
</author>
<author title="Editor">
  <mail link="nightmorph"/>
</author>

<abstract>
This guide shows you how to analyze system logs with logcheck.
</abstract>

<!-- The content of this document is licensed under the CC-BY-SA license -->
<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
<license/>

<version>1</version>
<date>2010-07-13</date>

<chapter>
<title>Getting Started With logcheck</title>
<section>
<title>Background</title>
<body>

<p>
<c>logcheck</c> is an updated version of <c>logsentry</c> (from the
<c>sentrytools</c> package), which is a tool to analyze the system logs.
Additionally, <c>logcheck</c> comes with a built-in database of common,
not-interesting log messages to filter out the noise. The general idea of the
tool is that all messages are interesting, except the ones explicitly marked as
noise. <c>logcheck</c> periodically sends you an e-mail with a summary of
interesting messages.
</p>

</body>
</section>
<section>
<title>Installing logcheck</title>
<body>

<impo>
It is strongly recommended to remove logsentry if you have it installed on
your system. Additionally, you should remove /etc/logcheck to avoid permission
and file collision problem.
</impo>

<pre caption="Removing logsentry">
<comment>(Uninstall the logsentry package)</comment>
# <i>emerge -C logsentry</i>
<comment>(Remove leftover files)</comment>
# <i>rm -rf /etc/logcheck</i>
</pre>

<p>
Now you can proceed with the installation of logcheck.
</p>

<pre caption="Installing logcheck">
# <i>emerge -av app-admin/logcheck</i>
</pre>

</body>
</section>
<section>
<title>Basic configuration</title>
<body>

<p>
<c>logcheck</c> creates a separate user "logcheck" to avoid running as root.
Actually, it will refuse to run as root. To allow it to analyze the logs,
you need to make sure they are readable by logcheck. Here is an example
for <c>syslog-ng</c>:
</p>

<pre caption="/etc/syslog-ng/syslog-ng.conf snippet">
options {
        owner(root);

        <comment>(Make log files group-readable by logcheck)</comment>
        group(logcheck);
        perm(0640);
};
</pre>

<p>
Now reload the configuration and make sure the changes work as expected.
</p>

<pre caption="Reload syslog-ng configuration">
# <i>/etc/init.d/syslog-ng reload</i>
<comment>(Make sure /var/log/messages has correct permissions)</comment>
# <i>ls -l /var/log/messages</i>
-rw-r----- 1 root logcheck 1694438 Feb 12 12:18 /var/log/messages
</pre>

<p>
You should now adjust some basic <c>logcheck</c> settings in
<path>/etc/logcheck/logcheck.conf</path>.
</p>

<pre caption="Basic /etc/logcheck/logcheck.conf setup">
# Controls the level of filtering:
# Can be Set to "workstation", "server" or "paranoid" for different
# levels of filtering. Defaults to server if not set.
<comment>(The workstation level includes server, and server includes paranoid.
The paranoid level filters almost no messages)</comment>
REPORTLEVEL="server"

# Controls the address mail goes to:
# *NOTE* the script does not set a default value for this variable!
# Should be set to an offsite "emailaddress@some.domain.tld"
<comment>(Make sure you can receive the logcheck e-mails. Testing is strongly
recommended)</comment>
SENDMAILTO="root"

# Controls if syslog-summary is run over each section.
# Alternatively, set to "1" to enable extra summary.
# HINT: syslog-summary needs to be installed.
<comment>(If you get a lot of similar messages in the logs, you
may want to install app-admin/syslog-summary and enable
this setting)</comment>
SYSLOGSUMMARY=0
</pre>

<p>
Finally, enable the logcheck cron job.
</p>

<pre caption="Enable logcheck cron job">
<comment>(Edit the cron file and follow the instructions inside)</comment>
# <i>nano -w /etc/cron.hourly/logcheck.cron</i>
</pre>

<note>
For more information about cron read the <uri link="/doc/en/cron-guide.xml">Cron
Guide</uri>.
</note>

<p>
Congratulations! Now you will be regularly getting important log messages by
email. An example message looks like this:
</p>

<pre caption="Example logcheck message">
System Events
=-=-=-=-=-=-=
Feb 10 17:13:53 localhost kernel: [30233.238342] conftest[25838]: segfault at 40 ip 40061403 sp bfc443c4 error 4
in libc-2.10.1.so[4003e000+142000]
Feb 11 12:31:21 localhost postfix/pickup[18704]: fatal: could not find any active network interfaces
Feb 11 12:31:22 localhost postfix/master[3776]: warning: process //usr/lib/postfix/pickup pid 18704 exit status 1
Feb 11 12:31:22 localhost postfix/master[3776]: warning: //usr/lib/postfix/pickup: bad command startup -- throttling
</pre>

</body>
</section>
</chapter>
</guide>






^ permalink raw reply	[flat|nested] 2+ messages in thread

* [gentoo-doc-cvs] gentoo commit in xml/htdocs/doc/en: logcheck.xml metadoc.xml
@ 2013-08-18 14:01 Sven Vermeulen (swift)
  0 siblings, 0 replies; 2+ messages in thread
From: Sven Vermeulen (swift) @ 2013-08-18 14:01 UTC (permalink / raw
  To: gentoo-doc-cvs

swift       13/08/18 14:01:51

  Modified:             logcheck.xml metadoc.xml
  Log:
  Logcheck moved to https://wiki.gentoo.org/wiki/Logcheck

Revision  Changes    Path
1.4                  xml/htdocs/doc/en/logcheck.xml

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/logcheck.xml?rev=1.4&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/logcheck.xml?rev=1.4&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/logcheck.xml?r1=1.3&r2=1.4

Index: logcheck.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/logcheck.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- logcheck.xml	18 Aug 2013 13:48:07 -0000	1.3
+++ logcheck.xml	18 Aug 2013 14:01:51 -0000	1.4
@@ -1,8 +1,8 @@
 <?xml version='1.0' encoding='UTF-8'?>
 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/logcheck.xml,v 1.3 2013/08/18 13:48:07 swift Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/logcheck.xml,v 1.4 2013/08/18 14:01:51 swift Exp $ -->
 
-<guide>
+<guide disclaimer="obsolete" redirect="https://wiki.gentoo.org/wiki/Logcheck">
 <title>Logcheck Guide</title>
 
 <author title="Author">



1.274                xml/htdocs/doc/en/metadoc.xml

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/metadoc.xml?rev=1.274&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/metadoc.xml?rev=1.274&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/doc/en/metadoc.xml?r1=1.273&r2=1.274

Index: metadoc.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/metadoc.xml,v
retrieving revision 1.273
retrieving revision 1.274
diff -u -r1.273 -r1.274
--- metadoc.xml	18 Aug 2013 13:48:07 -0000	1.273
+++ metadoc.xml	18 Aug 2013 14:01:51 -0000	1.274
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE metadoc SYSTEM "/dtd/metadoc.dtd">
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/metadoc.xml,v 1.273 2013/08/18 13:48:07 swift Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/metadoc.xml,v 1.274 2013/08/18 14:01:51 swift Exp $ -->
 <metadoc lang="en">
-  <version>1.190</version>
+  <version>1.191</version>
   <members>
     <lead>nightmorph</lead>
     <member>flammie</member>
@@ -347,7 +347,6 @@
     <file id="texlive-migration-guide">/proj/en/tex/texlive-migration-guide.xml</file>
     <file id="openrc-migration">/doc/en/openrc-migration.xml</file>
     <file id="multipath">/doc/en/multipath.xml</file>
-    <file id="logcheck">/doc/en/logcheck.xml</file>
     <file id="devmanual">/proj/en/qa/devmanual.xml</file>
   </files>
   <docs>
@@ -1004,8 +1003,5 @@
     <doc fileid="texlive-migration-guide">
       <memberof>upgrade</memberof>
     </doc>
-    <doc fileid="logcheck">
-      <memberof>sysadmin_specific</memberof>
-    </doc>
   </docs>
 </metadoc>





^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2013-08-18 14:01 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-08-18 14:01 [gentoo-doc-cvs] gentoo commit in xml/htdocs/doc/en: logcheck.xml metadoc.xml Sven Vermeulen (swift)
  -- strict thread matches above, loose matches on Subject: below --
2010-07-13 20:29 Joshua Saddler (nightmorph)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox