From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 7AEDC138A1A for ; Tue, 17 Feb 2015 19:18:23 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 19659E0870; Tue, 17 Feb 2015 19:18:17 +0000 (UTC) Received: from acheron.yagibdah.de (unknown [185.55.75.245]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id CBE43E084B for ; Tue, 17 Feb 2015 19:18:15 +0000 (UTC) Received: from br-dmz-ip.yagibdah.de ([192.168.1.1] helo=heimdali.yagibdah.de) by acheron.yagibdah.de with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84) (envelope-from ) id 1YNnev-0002Pb-FU for gentoo-user@lists.gentoo.org; Tue, 17 Feb 2015 20:18:13 +0100 Received: from lee by heimdali.yagibdah.de with local (Exim 4.84) (envelope-from ) id 1YNnev-0000KD-DT for gentoo-user@lists.gentoo.org; Tue, 17 Feb 2015 20:18:13 +0100 From: lee To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] syslog-ng: how to read the log files In-Reply-To: <20150217190219.GA3678@acm.fritz.box> (Alan Mackenzie's message of "Tue, 17 Feb 2015 19:02:19 +0000") Date: Tue, 17 Feb 2015 20:17:20 +0100 Organization: my virtual residence Message-ID: <87y4nwqren.fsf@heimdali.yagibdah.de> References: <87lhjws8ci.fsf@heimdali.yagibdah.de> <20150217190219.GA3678@acm.fritz.box> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux) Mail-Followup-To: gentoo-user@lists.gentoo.org Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain X-Archives-Salt: 1c3e425f-3c9a-42f4-8d1e-a2b6ec584f71 X-Archives-Hash: 5271f0a5bdef95b35d16cc209f7f21c1 Alan Mackenzie writes: > Hello, Lee. > > On Tue, Feb 17, 2015 at 07:26:05PM +0100, lee wrote: >> Hi, > >> how do you read the log files when using syslog-ng? > >> The log file seem to be some sort of binary that doesn't display too >> well in less, and there doesn't seem to be any way to read them. > > When I try "less /var/log/messages", less gives me what is basically a > hex dump of the file. I'm assuming you see the same. Yes, that's what I was looking at. > less searches part of the buffer (presumably the first few KB) and if it > finds non-printable characters, uses an input filter first to convert to > the hex dump. Is that a new feature of less? I've never had this problem with any other file. IIRC, unprintable characters, like null, used to be displayed like ^@, and less always did a great job in preventing the display from needing a reset without switching to an equivalent of hexl-mode. BTW, what happens when something writes to /var/log/messages? I noticed today that the default shorewall.conf that ships with gentoo has that set as logfile for shorewall. Shouldn't all messages going into /var/log/messages go to syslog-ng instead when syslog-ng is used, with nothing else writing to this file? -- Again we must be afraid of speaking of daemons for fear that daemons might swallow us. Finally, this fear has become reasonable.