From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-162223-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 3AD73138A1A
	for <garchives@archives.gentoo.org>; Tue, 17 Feb 2015 22:01:48 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 0C62AE084A;
	Tue, 17 Feb 2015 22:01:42 +0000 (UTC)
Received: from mail-wg0-f42.google.com (mail-wg0-f42.google.com [74.125.82.42])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 1C67AE07EB
	for <gentoo-user@lists.gentoo.org>; Tue, 17 Feb 2015 22:01:39 +0000 (UTC)
Received: by mail-wg0-f42.google.com with SMTP id n12so22180884wgh.1
        for <gentoo-user@lists.gentoo.org>; Tue, 17 Feb 2015 14:01:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=from:reply-to:to:subject:date:user-agent:references:in-reply-to
         :mime-version:content-type:content-transfer-encoding:message-id;
        bh=K8U6Y2+qAGMzoWg5BwjQbb7EcSS9iGtQ6qLee4mUKfA=;
        b=e56O6C8VGPpqdhuRc/lSfns4UiJ09wA5qROj2BkHF5rhQosLW4Hm1OkMiYRIeswS2u
         zhqfHR5YChzUzHlwQcRgvafIH88gInGBWfmZkk1eXONufTdcyabpgN5TrwpL2wTjm0c4
         p2s/daTjjvAHJC4FWc9x9D4xSe/fFbuEZm5BOGXV+nWfffxmIcmJoapJp6+cS4762nAm
         ASvHwMmpjlaxQhYR0d7TewaFbsU0YgcHxE4Cr8EMLycPqMO14huAzmTVms3aNzTnxOPe
         nx6HEwVGDaSGvvmo3Ww31zc7oizAb5VFJVtvQzWNBvaEBhu5T1+QegVQLlOXz0OOPXdN
         nIwQ==
X-Received: by 10.180.21.161 with SMTP id w1mr60430059wie.44.1424210498562;
        Tue, 17 Feb 2015 14:01:38 -0800 (PST)
Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa. [217.169.3.230])
        by mx.google.com with ESMTPSA id n2sm26041102wiw.16.2015.02.17.14.01.37
        for <gentoo-user@lists.gentoo.org>
        (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
        Tue, 17 Feb 2015 14:01:37 -0800 (PST)
From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] syslog-ng: how to read the log files
Date: Tue, 17 Feb 2015 22:01:29 +0000
User-Agent: KMail/1.13.7 (Linux/3.17.8-gentoo-r1; KDE/4.14.3; x86_64; ; )
References: <87lhjws8ci.fsf@heimdali.yagibdah.de> <20150217190219.GA3678@acm.fritz.box> <87y4nwqren.fsf@heimdali.yagibdah.de>
In-Reply-To: <87y4nwqren.fsf@heimdali.yagibdah.de>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/signed;
  boundary="nextPart6506935.CKyXG3qxtH";
  protocol="application/pgp-signature";
  micalg=pgp-sha256
Content-Transfer-Encoding: 7bit
Message-Id: <201502172201.38517.michaelkintzios@gmail.com>
X-Archives-Salt: d97b51ed-63c6-48ad-9ef7-bd7f37bed874
X-Archives-Hash: d277d15974000b31d29ac3a4b64a26fc

--nextPart6506935.CKyXG3qxtH
Content-Type: Text/Plain;
  charset="utf-8"
Content-Transfer-Encoding: quoted-printable

On Tuesday 17 Feb 2015 19:17:20 lee wrote:
> Alan Mackenzie <acm@muc.de> writes:
> > Hello, Lee.
> >=20
> > On Tue, Feb 17, 2015 at 07:26:05PM +0100, lee wrote:
> >> Hi,
> >>=20
> >> how do you read the log files when using syslog-ng?
> >>=20
> >> The log file seem to be some sort of binary that doesn't display too
> >> well in less, and there doesn't seem to be any way to read them.
> >=20
> > When I try "less /var/log/messages", less gives me what is basically a
> > hex dump of the file.  I'm assuming you see the same.
>=20
> Yes, that's what I was looking at.
>=20
> > less searches part of the buffer (presumably the first few KB) and if it
> > finds non-printable characters, uses an input filter first to convert to
> > the hex dump.
>=20
> Is that a new feature of less?  I've never had this problem with any
> other file.  IIRC, unprintable characters, like null, used to be
> displayed like ^@, and less always did a great job in preventing the
> display from needing a reset without switching to an equivalent of
> hexl-mode.
>=20
>=20
> BTW, what happens when something writes to /var/log/messages?  I noticed
> today that the default shorewall.conf that ships with gentoo has that
> set as logfile for shorewall.  Shouldn't all messages going into
> /var/log/messages go to syslog-ng instead when syslog-ng is used, with
> nothing else writing to this file?

It depends on what filters have been set in the configuration file of the=20
application in question or syslog-ng.

I use less -L /var/log/messages to see the content of the log files in plai=
n=20
text.  At boot up I get a load of:

=46eb 16 07:54:04=20
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^=
@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^=
@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^=
@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^=
@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^=
@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset
=46eb 16 07:54:04=20
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@

being printed up.  Perhaps I will disable cgroups in the kernel and see wha=
t=20
gives.  I don't use containers anyway.

=2D-=20
Regards,
Mick

--nextPart6506935.CKyXG3qxtH
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAABCAAGBQJU47pCAAoJELAdA+zwE4YeLGMH/Riv6DJYCGgdqv39UVRNlY0j
YdGpqXRBqSVgDOyP6AHOiQAn3jP7MtrbimnxTvbDVC6CNzEv3buJx1w06urOnlKw
IAFWyTkeZQOU/MsSU943EHZXunMezJj86QgfwNGtVk3p0ykWohK2f0FIsA//cKHU
pnLua90U7EsvmvAIib5RBTTqeeiVfIX9UtSZ2BTjCrRHJm0kHbxdtlIpQUuxXWuZ
Ge1joNr2fkV2LSGhytRMtLAaNGo7Lh5JTMOcIvRopsnJpKkY4ubAlJmKzg2Ocr6I
fLWO2WbHI77EvP0d+8BjG28RhuHz4m0O5Q9Jd9aCePbFx4J2Bs0nsUB6SG8LOKg=
=KvmE
-----END PGP SIGNATURE-----

--nextPart6506935.CKyXG3qxtH--