- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Empty /var/adm/messages
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:05 AM
тАО05-19-2009 10:05 AM
Last reboot was May 7th after installation of security patches.
The following shows the setup.
What am I missing?
# ll /var/adm/messages
-rw-r--r-- 1 root root 0 May 7 17:19 /var/adm/messages
# ps -ef | grep cron
root 1909 1 0 May 7 ? 2:36 /usr/sbin/cron
# crontab -l | grep dmesg
# dmesg saving
06,11,16,21,26,31,36,41,46,51,56 * * * * /usr/sbin/dmesg - | grep -v "ATI Radeon
" | grep -v "`date '+%b %e'`" >> /var/adm/messages
# ll /usr/sbin/dmesg
lrwxr-xr-x 1 root root 11 May 23 2005 /usr/sbin/dmesg -> /sbin/dmesg
# ll /sbin/dmesg
-r-xr-xr-x 1 bin bin 212992 Nov 14 2000 /sbin/dmesg
#
Thank
RayB
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:14 AM
тАО05-19-2009 10:14 AM
Re: Empty /var/adm/messages
I think you meant to post this in the Linux forum family.
That aside, one way to see this behavior is to have renamed (via 'mv' instead of 'cp') the original '/var/adm/messages' (perhaps to empty it) and then created a new one (perhaps with 'touch'). Then, if the 'syslog' daemon wasn't restarted, it will continue to use the renamed file since this is the file to which it points.
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:20 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:39 AM
тАО05-19-2009 10:39 AM
Re: Empty /var/adm/messages
this is for an HP rp3440 running hp-ux 11.11.
and syslogd is running:
# ps -ef | grep syslog
root 802 1 0 May 7 ? 0:01 /usr/sbin/syslogd -D
#
I was thinking the --- | grep -v "`date '+%b %e'`" --- was erasing everything but it works as in
# echo "`date '+%b %e'`"
May 19
#
RayB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:45 AM
тАО05-19-2009 10:45 AM
Re: Empty /var/adm/messages
Jeff Traigle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:47 AM
тАО05-19-2009 10:47 AM
Re: Empty /var/adm/messages
You are right.
Erasing the "ATI Radeon ..." messages leaves a lonely timestamp that trips the automatic log monitor. This grep -v removes it.
The file should at least contain the log of the last boot event if the date has been erased... no?
Rayb
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 10:59 AM
тАО05-19-2009 10:59 AM
Re: Empty /var/adm/messages
I don't have now an access to a linux...but
to troubleshoot, first I suggest you to test without the grep -v "`date '+%b %e'`". If it's ok, that's mean your crontab don't like this.
Also, try to made the command with the full path of grep and date.
first
06,11,16,21,26,31,36,41,46,51,56 * * * * /usr/sbin/dmesg - | /bin/grep -v "ATI Radeon"
if it's ok, let's try
06,11,16,21,26,31,36,41,46,51,56 * * * * /usr/sbin/dmesg - | /bin/grep -v "ATI Radeon" | /bin/grep -v "`/usr/bin/date '+%b %e'`" >> /var/adm/messages
Hope it helps
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 11:37 AM
тАО05-19-2009 11:37 AM
Re: Empty /var/adm/messages
# ll /var/adm/syslog/
total 34624
-rw-r----- 1 root sys 207 Aug 29 2007 @!
-rw-r--r-- 1 root sys 2681070 May 7 17:14 OLDsyslog.log
-r--r--r-- 1 root root 11875300 May 19 14:05 mail.log
-rw-r--r-- 1 root root 1438575 May 19 16:17 syslog.log
#
I have tried dmesg | grep -v "May 19" and it returms the boot log minus the timestamp so that works.
so it looks like "dmesg -" fails.
Does anyone know where dmesg keeps it's pointers for the "-" option?
Or how I can modify/refresh the system error message buffer so I can test this?
RayB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 11:53 AM
тАО05-19-2009 11:53 AM
Re: Empty /var/adm/messages
> Does anyone know where dmesg keeps it's pointers for the "-" option? Or how I can modify/refresh the system error message buffer so I can test this?
I suspect that the kernel knows :-)
To refresh you could deliberately fill up a filesystem and attempt further writes to it. This will be logged in 'dmesg' and you can then retest 'dmesg -'. See the manpages:
http://docs.hp.com/en/B2355-60130/dmesg.1M.html
By the way: '/var/log/messages' while referenced in the 'dmesg' manpages example is the Linux equavlient of '/var/adm/syslog/syslog.log'. Hence the reason for the confusion of Linux vs. HP-ux.
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2009 03:07 PM
тАО05-19-2009 03:07 PM
Re: Empty /var/adm/messages
I guess not. This is just an extra line, in between each output. You may want to add a "^" so it only removes it from the start of each line. And you can combine the two greps:
grep -v -e "ATI Radeon" -e "^$(date '+%b %e')"
>The file should at least contain the log of the last boot event if the date has been erased?
It should since you append. But last(1) or /etc/rc.log have that.
>Does anyone know where dmesg keeps it's pointers for the "-" option?
As documented under dmesg(1M): /var/adm/msgbuf
>JRF: I suspect that the kernel knows :-)
It appears the kernel knows nothing about dmesg(1M).
>smatador: try to made the command with the full path of grep and date.
No need since these are both in cron's PATH.