- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Enterpreting, System Log files,,,
Categories
Company
Local Language
Forums
Discussions
Knowledge Base
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Knowledge Base
Forums
Discussions
- Cloud Mentoring and Education
- Software - General
- HPE OneView
- HPE Ezmeral Software platform
- HPE OpsRamp
Knowledge Base
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2002 06:13 PM
08-06-2002 06:13 PM
Enterpreting, System Log files,,,
When we look at syslog.log file, what are key-words should be searched, for any errors, or warning, words like "error", "warning" etc.
- most of the time, I find the following message in our system's logfile,
'rcpbind: cannot accept connection: bad call sequence number'
-What this message is trying to say?
And do we need to look at other system log files, apart from syslog.log?
Thanks
Regards
Shah
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2002 06:37 PM
08-06-2002 06:37 PM
Re: Enterpreting, System Log files,,,
There are a few logs files on your system that should be noted, viewed actioned if necessary.
/var/adm/syslog/syslog.log
/var/adm/syslog/OLDsyslog.log (previous system log)
/var/adm/sulog
/var/mail/root (root's mail)
dmesg
/var/opt/resmon/log/event.log
/etc/rc.log (after reboots)
/etc/shutdownlog (after any outage/reboot)
application log files that your responsible for.
Not sure about this particular message, although it indicates a possible bad connection via a socket.
Michael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2002 07:59 PM
08-06-2002 07:59 PM
Re: Enterpreting, System Log files,,,
The rpcbind message that you see is not abnormal. It's probably created when an existing rpc connection was reset by the source, maybe due to bad connection, bad program calls, etc. If you see too many of these, you may want to occasionally cleanup/reset your rpc.lockd. That simply involves renaming /var/statmon/sm and /var/statmon/state and stop/start rpc.lockd and rpc.statd processes.
The syslog.log and "dmesg" output are 2 most important logs (in my opinion), the rest will epends on what you're looking for. For example if you want to look at SAM related log files it would be in /var/sam/log/samlog If it's glance, it's in /var/opt/perf. If it's startup scripts error it's /etc/rc.log. Like I say it depends on what you're looking for.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2002 08:03 PM
08-06-2002 08:03 PM
Re: Enterpreting, System Log files,,,
no & not & full
-Gerald-
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2002 10:17 PM
08-06-2002 10:17 PM
Re: Enterpreting, System Log files,,,
I've a query, though very simple, (I am new to the world of unix-admin).
-- How to enable, the telnet logging information to syslog.log file?
I see whenever any user ftp to unix-server, syslog.log reports about it. But not in case of telnet. Or is there any other file which maintains this information?
How to maintain the logging of every action, like 'cp' 'rm' 'mv' etc?
Please ..
Regards
Shah
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2002 10:35 PM
08-06-2002 10:35 PM
Re: Enterpreting, System Log files,,,
alert
error
warning
scsi
event
POWERFAILED
you can enable telnet messages to syslog by changing the entry in the /etc/inetd.conf
file as
//
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -l
//
(the line already exists in the inetd.conf file.Just add "-l" at the end to enable logging.
re-read the file using
/usr/sbin/inetd -c
By enabling auditing on the machine you can monitor all user activities.
THanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2002 02:01 AM
08-07-2002 02:01 AM
Re: Enterpreting, System Log files,,,
I added -l in inetd.conf file at the end and re-read the file using,
/usr/sbin/inetd -c
but telnet session, is not logging to syslog.log file?
What could be the problem?
Regards
Shah
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2002 03:14 PM
08-07-2002 03:14 PM
Re: Enterpreting, System Log files,,,
I have had the same problem here. It was the tape drive. We replaced the tape drive and all is well. Get a new one!
Thanx,
Carla
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2002 03:15 PM
08-07-2002 03:15 PM
Re: Enterpreting, System Log files,,,
Sorry,
Carla
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2002 04:27 PM
08-07-2002 04:27 PM
Re: Enterpreting, System Log files,,,
In answer to your question about telnet logging, if you really want to do this into the /var/adm/syslog/syslog.log file you could run your 'inetd' daemon with the '-l' switch which will log the information for you.
Modify this file.
/etc/rc.config.d/netdaemons
Change this line from this
export INETD_ARGS=
to this
export INETD_ARGS= -l
Restart the 'inetd' daemon
Cheers
Michael