Showing results for 
Search instead for 
Did you mean: 

syslog troubleshooting

Go to solution
Mahesh Alexander
Frequent Advisor

syslog troubleshooting

Hi all,

Do somebody knows a good site or some guides to understand how syslog works and how to troubleshoot it? I am looking for the most common and critical errors found in syslog. For instance, what are the most common checks to perform every morning when you log in and want to know the status of your servers.

Steven E. Protter
Exalted Contributor

Re: syslog troubleshooting


I pull messages out of it, and put them into google with a few search terms identifying the OS.

I have a couple of scripts that scan the file for lbolt, which means a disk problem has happened and automatically notify important people by email, so the problem is dealt with swiftly.

Steven E Protter
Owner of ISN Corporation
Trusted Contributor

Re: syslog troubleshooting

To check the server include following commands in the script. you can run this script daily to check the syslog events / errors.
grep -i full /var/adm/syslog/syslog.log |pg

grep -i fail /var/adm/syslog/syslog.log |pg
grep -i fault /var/adm/syslog/syslog.log |pg
grep -i error /var/adm/syslog/syslog.log |pg
grep -i scsi /var/adm/syslog/syslog.log |pg
grep -i lbolt /var/adm/syslog/syslog.log |pg
grep -i ems /var/adm/syslog/syslog.log |pg
grep -i lpmc /var/adm/syslog/syslog.log |pg
grep -i critical /var/adm/syslog/syslog.log |pg
grep -i Recovered /var/adm/syslog/syslog.log |pg
grep -i Restored /var/adm/syslog/syslog.log |pg
grep -i incorr /var/adm/syslog/syslog.log |pg
grep -i su: /var/adm/syslog/syslog.log |pg
grep -i cmcld /var/adm/syslog/syslog.log
grep -i lvm /var/adm/syslog/syslog.log
#tail -30 /var/adm/sulog |pg
netstat -in |pg
netstat -nvr |pg
netstat -an |grep "ESTABLISHED" |wc -l |pg
cat /var/adm/syslog/syslog.log |grep -i "connection logging"
ll /var/opt/resmon/log
Mahesh Alexander
Frequent Advisor

Re: syslog troubleshooting

That is pretty cool! thanks! Do anybody has the script which sends and email with the result?

Mel Burslan
Honored Contributor

Re: syslog troubleshooting

Put whatever commands you like above, in a file and call it

chmod 700 /path/to/
run it as:

/path/to/ | mailx -s "syslog check results for $(date)"

this command above assumes your server has ability to send mail to the outside world. If not, check recent forum archives about questions, regarding enabling mail sending on hpux.

Hope this helps
UNIX because I majored in cryptology...
Mahesh Alexander
Frequent Advisor

Re: syslog troubleshooting

Thanks Mel, will try it out.
Mahesh Alexander
Frequent Advisor

Re: syslog troubleshooting

Thanks all for your quick response. Thank you.