Search Results

Search found 17971 results on 719 pages for 'log analyzer'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 56/719 | < Previous Page | 52 53 54 55 56 57 58 59 60 61 62 63  | Next Page >

  • Colorize Monitoring of Logs

    - by Ian
    I sometimes monitor apache and php error logs using tail under FreeBSD. Is there any way to get colorized output, either using tail or some other command line app? Alternatively, what is your favorite way to monitor the various web-related logs in realtime?

    Read the article

  • syslogd: Logfile format (not configuration format)

    - by chris_l
    Hi, I'd like to parse logfiles. Is the logfile format of syslogd the same for all systems? On my system (Debian Lenny), it's: Mar 7 04:22:40 my-host-name ... (I'm not much interested in the ... part) Can I rely on this? And is there maybe some more-or-less official description? The manpage of syslogd describes the config format, but not the logfile format. Ideally, the description would give the fields official names like (date, time, host, entry) or (datetime, hostname, message). Maybe additionally some regular expressions. I'd like to use the names and regexes in my script, to avoid an unnecessary deviation from the standard, and to make sure, that the script runs everywhere. Thanks Chris

    Read the article

  • IIS Logs not getting created

    - by Chris
    Hi I have a site running on IIS 6. I have turned on logging on the website tab of IIS and specified a directory for it to write to. Set it to an hourly schedule. However no logs are ever created. Have reset iis. checked disk space and permissions on the directory it is writing to but no logs are ever created. I can see this did work once, as there are logs created in the system32/logfiles directory from about a year ago. Even if I specify that directory nothing new gets created This is on a hosted service What else can I check? Is there any place that errors would be written to that might give me a clue as to what is going on? Have tried event viewer but nothing untoward in there Would appreciate any pointers on this

    Read the article

  • Event ID for modified GPOs

    - by Hinek
    I have to know, who (usersid or loginname) changed a specified GPO for a specified OU in the Active Directory. Given our audit settings include this, what would be the right Event ID to look for?

    Read the article

  • svchost.exe crash on wake up

    - by Serge
    Lately whenever I wake up my laptop from sleep I get a series of errors (generated by a host process failing) I haven't been able to figure out why this happens but I know which host process fails and was wondering if someone had some insight on why this keeps occuring 99% of the time when my laptop wakes up. here's the host process error Faulting application svchost.exe_SysMain, version 6.0.6001.18000, time stamp 0x47919291, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e0421d, exception code 0xc0000006, fault offset 0x000000000005a02d, process id 0x1738, application start time 0x01cae656279b1010. and here are some services that fail because of that host The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. The Wired AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. The ReadyBoost service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. The Network Connections service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Anyways I think you get the point, there are a few more. It got really annoying to wait for those services to restart so I created a batch file that does it automatically whenever the wlan stops I'm using Vista x64 on a Studio XPS 1640

    Read the article

  • Is it possible to export Windows event logs from multiple servers to a non-windows host, without running event manager on each of the Windows servers?

    - by Taylor Matyasz
    I want to export event logs from Windows to a non-Windows host. I was considering using Logstash, but that would seem to require that I install and run Logstash on each server. Is it possible to do this without having to run it on all of the servers? I am hoping to be able to consolidate all of the information from different servers to make searching and reporting much easier. If not, what would you recommend is the best way to export to a non-Windows host in real time? Thank you.

    Read the article

  • E-mail spam analyzing tools

    - by goran
    I have some mail logs, for which I assume that come from our hosted mail server antivirus: 1, antispam: 1, sanesecurity: 1, chkuser: 1, chkrbl: 1, chkmx: 1, chkptr: 0, greylistlevel: 0, rejectemptyfrom: 1, spamscore: 7.00, redirectspam: 1, maxrcpt: 30, maxdatabytes: 50000000, nightguard: 0, whitelistsigned: 1 (+ info on each message score) as plain text files. I was wondering if anyone knows which tool produce such logs and if there are any tools that would parse and analyze the logs?

    Read the article

  • How to avoid Master Browser errors, MRxSmb Event ID 8003?

    - by Sanoj
    I have a domain with Windows SBS 2003 as domain controller. It's very common to get Master Browser errors in the logs, MRxSmb Event ID 8003. How can I avoid that? What have I done wrong? I know how to solve this: Stop the Computer Browser service on clients, but I don't know how to avoid this since the problem comes back every time I add a new client and I forget to stop the Computer Browser service. Error message: The master browser has received a server announcement from the computer [computer] that believes that it is the master browser for the domain on transport NetBT_Tcpip_{#######-####-####-#. The master browser is stopping or an election is being forced. Is there an configuration of the server to avoid this problem?

    Read the article

  • SQL Server rolling forward lots of transactions, what should I look at?

    - by Anthony D
    I am running SQL Server Express on a Windows XP Embedded box. It runs for a day or two, doing some transactional processing for a POS type system, and with another system pulling data out to an OLAP DB for processing. After a while, I see in the event viewer the sequence SQL Server puts out when it restarts, copy rights, command line parameters, and so on. It seems like that coincides with our OLAP process crashing. I then see that when it restarts our transaction DB, it does a recovery, pulling in 10K or so in transactions that need to be rolled forward. Does this mean SQL has crashed? I don't really see much to indicate what happened. Update 1 I noticed I have my memory limit set to 1MB per query and 2TB for the server. These are the defaults. I only have one GB in the box. We have seen SQL crash a whole box by just using all the system memory. In this case though the whole box is up when we get to it.

    Read the article

  • The previous system shutdown at xxxx was unexpected

    - by m.edmondson
    For the past two nights we had a remote server shutdown unexpectedly. When rebooted we get the following message: Event Type: Error Event Source: EventLog Event Category: None Event ID: 6008 Date: 16/02/2011 Time: 09:10:43 User: N/A Computer: WELPLAN-1 Description: The previous system shutdown at 07:27:32 on 16/02/2011 was unexpected. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: db 07 02 00 03 00 10 00 Û....... 0008: 07 00 1b 00 20 00 42 02 .... .B. 0010: db 07 02 00 03 00 10 00 Û....... 0018: 07 00 1b 00 20 00 42 02 .... .B. Obviously this message doesn't help much, but what does all the hexadecimal mean? Will it help me track down the problem? Any pointers as to where to look?

    Read the article

  • Windows keyboard macro playback software?

    - by WilliamKF
    Many years ago, I had a product called Quickeys for the Macintosh that allowed me to record keyboard and mouse events and create a macro that could be assigned to a keyboard accelerator. This was a really useful tool, but I haven't seen anything like it ever on Microsoft Windows OS platform. Does such a product exist?

    Read the article

  • Forward Windows Events Logs to Rsyslog

    - by SamCulley
    Thanks for taking time to read this post. Basically I would like to forward Windows Events Logs from all my desktop clients to a linux box with rsyslog on. Rsyslog provide a Windows agent to do just that but its 40 euros per license and when you have x amount of machines that cost adds up. I was wondering if there is a FOSS alternative available I have tried searching the Google but haven't managed to find anything. Hopefully someone might already faced this same problem and are using an alternative that they could recommend. Again thanks for reading, Kind Regards Sam

    Read the article

  • What's the equivalent of Wevtutil in XP or 2003?

    - by Matt
    I have a batch file for saving event logs to our shared drive. I want to do this for XP and Server 2003 without very much effort. What could I use since Wevtutil is only on Vista and up? rem Script start here rem Timestamp Generator set BACKUP_PATH=\\shared-drive\it\Temp\Event-Logs\ rem Parse the date (e.g., Thu 02/28/2013) set cur_yyyy=%date:~10,4% set cur_mm=%date:~4,2% set cur_dd=%date:~7,2% rem Parse the time (e.g., 11:20:56.39) set cur_hh=%time:~0,2% if %cur_hh% lss 10 (set cur_hh=0%time:~1,1%) set cur_nn=%time:~3,2% set cur_ss=%time:~6,2% set cur_ms=%time:~9,2% rem Set the timestamp format set timestamp=%cur_yyyy%%cur_mm%%cur_dd%-%cur_hh%%cur_nn%%cur_ss%%cur_ms% rem Set the computername format set servname=%computername% wevtutil epl System %BACKUP_PATH%\%servname%_%timestamp%_system.evtx wevtutil epl Application %BACKUP_PATH%\%servname%_%timestamp%_application.evtx wevtutil epl Security %BACKUP_PATH%\%servname%_%timestamp%_security.evtx rem End of Script

    Read the article

  • How can i find the trigger of an acpi event ?

    - by n00ki3
    My Server shutsdown . Evertime at midnight. The acpi Event power_button is triggered. at /etc/acpi/events/power_button power_button: # care about the power button event=button/power.* action=/usr/lib/acpid/power_button How can i find out the "Caller" or the Trigger of this event ?

    Read the article

  • creating a journal/blog

    - by DijnsK
    hi, im trying to replace our current journal (excel sheet) with a web portal based journal. something kind of like twitter, but with more options. also needs to have a login so we can track the people entering. it can also be some sort of tool but i cant find anything that meets our demands... i could use a ITIL ticket service but that has way to much functionalities for our use. im basicly looking for a webportal with a shared blog, where users can login and creat new entries with: a topic name a automated follow-up ID number a field where they can enter specific info a reply field and a status field with pre defined statuses can anyone help me with this? thanks in advance. Koen

    Read the article

  • How can I read pcap files in a friendly format?

    - by Tony
    a simple cat on the pcap file looks terrible: $cat tcp_dump.pcap ?ò????YVJ? JJ ?@@.?E<??@@ ?CA??qe?U?????h? .Ceh?YVJ?? JJ ?@@.?E<??@@ CA??qe?U?????z? .ChV?YVJ$?JJ ?@@.?E<-/@@A?CA??9????F???A&? .Ck??YVJgeJJ@@.??#3E<@3{n??9CA??P???F???<K? ??`.Ck??YVJgeBB ?@@.?E4-0@@AFCA??9????F?P????? .Ck???`?YVJ?""@@.??#3E?L@3?I??9CA??P???F????? ???.Ck?220-rly-da03.mx etc. I tried to make it prettier with: sudo tcpdump -ttttnnr tcp_dump.pcap reading from file tcp_dump.pcap, link-type EN10MB (Ethernet) 2009-07-09 20:57:40.819734 IP 67.23.28.65.49237 > 216.239.113.101.25: S 2535121895:2535121895(0) win 5840 <mss 1460,sackOK,timestamp 776168808 0,nop,wscale 5> 2009-07-09 20:57:43.819905 IP 67.23.28.65.49237 > 216.239.113.101.25: S 2535121895:2535121895(0) win 5840 <mss 1460,sackOK,timestamp 776169558 0,nop,wscale 5> 2009-07-09 20:57:47.248100 IP 67.23.28.65.42385 > 205.188.159.57.25: S 2644526720:2644526720(0) win 5840 <mss 1460,sackOK,timestamp 776170415 0,nop,wscale 5> 2009-07-09 20:57:47.288103 IP 205.188.159.57.25 > 67.23.28.65.42385: S 1358829769:1358829769(0) ack 2644526721 win 5792 <mss 1460,sackOK,timestamp 4292123488 776170415,nop,wscale 2> 2009-07-09 20:57:47.288103 IP 67.23.28.65.42385 > 205.188.159.57.25: . ack 1 win 183 <nop,nop,timestamp 776170425 4292123488> 2009-07-09 20:57:47.368107 IP 205.188.159.57.25 > 67.23.28.65.42385: P 1:481(480) ack 1 win 1448 <nop,nop,timestamp 4292123568 776170425> 2009-07-09 20:57:47.368107 IP 67.23.28.65.42385 > 205.188.159.57.25: . ack 481 win 216 <nop,nop,timestamp 776170445 4292123568> 2009-07-09 20:57:47.368107 IP 67.23.28.65.42385 > 205.188.159.57.25: P 1:18(17) ack 481 win 216 <nop,nop,timestamp 776170445 4292123568> 2009-07-09 20:57:47.404109 IP 205.188.159.57.25 > 67.23.28.65.42385: . ack 18 win 1448 <nop,nop,timestamp 4292123606 776170445> 2009-07-09 20:57:47.404109 IP 205.188.159.57.25 > 67.23.28.65.42385: P 481:536(55) ack 18 win 1448 <nop,nop,timestamp 4292123606 776170445> 2009-07-09 20:57:47.404109 IP 67.23.28.65.42385 > 205.188.159.57.25: P 18:44(26) ack 536 win 216 <nop,nop,timestamp 776170454 4292123606> 2009-07-09 20:57:47.444112 IP 205.188.159.57.25 > 67.23.28.65.42385: P 536:581(45) ack 44 win 1448 <nop,nop,timestamp 4292123644 776170454> 2009-07-09 20:57:47.484114 IP 67.23.28.65.42385 > 205.188.159.57.25: . ack 581 win 216 <nop,nop,timestamp 776170474 4292123644> 2009-07-09 20:57:47.616121 IP 67.23.28.65.42385 > 205.188.159.57.25: P 44:50(6) ack 581 win 216 <nop,nop,timestamp 776170507 4292123644> 2009-07-09 20:57:47.652123 IP 205.188.159.57.25 > 67.23.28.65.42385: P 581:589(8) ack 50 win 1448 <nop,nop,timestamp 4292123855 776170507> 2009-07-09 20:57:47.652123 IP 67.23.28.65.42385 > 205.188.159.57.25: . ack 589 win 216 <nop,nop,timestamp 776170516 4292123855> 2009-07-09 20:57:47.652123 IP 67.23.28.65.42385 > 205.188.159.57.25: P 50:56(6) ack 589 win 216 <nop,nop,timestamp 776170516 4292123855> 2009-07-09 20:57:47.652123 IP 67.23.28.65.42385 > 205.188.159.57.25: F 56:56(0) ack 589 win 216 <nop,nop,timestamp 776170516 4292123855> 2009-07-09 20:57:47.668124 IP 67.23.28.65.49239 > 216.239.113.101.25: S 2642380481:2642380481(0) win 5840 <mss 1460,sackOK,timestamp 776170520 0,nop,wscale 5> 2009-07-09 20:57:47.692126 IP 205.188.159.57.25 > 67.23.28.65.42385: P 589:618(29) ack 57 win 1448 <nop,nop,timestamp 4292123893 776170516> 2009-07-09 20:57:47.692126 IP 67.23.28.65.42385 > 205.188.159.57.25: R 2644526777:2644526777(0) win 0 2009-07-09 20:57:47.692126 IP 205.188.159.57.25 > 67.23.28.65.42385: F 618:618(0) ack 57 win 1448 <nop,nop,timestamp 4292123893 776170516> 2009-07-09 20:57:47.692126 IP 67.23.28.65.42385 > 205.188.159.57.25: R 2644526777:2644526777(0) win 0 Well...that is much prettier but it doesn't show the actual messages. I can actually extract more information just viewing the RAW file. What is the best ( and preferably easiest) way to just view all the contents of the pcap file? UPDATE Thanks to the responses below, I made some progress. Here is what it looks like now: tcpdump -qns 0 -A -r blah.pcap 20:57:47.368107 IP 205.188.159.57.25 > 67.23.28.65.42385: tcp 480 0x0000: 4500 0214 834c 4000 3306 f649 cdbc 9f39 [email protected] 0x0010: 4317 1c41 0019 a591 50fe 18ca 9da0 4681 C..A....P.....F. 0x0020: 8018 05a8 848f 0000 0101 080a ffd4 9bb0 ................ 0x0030: 2e43 6bb9 3232 302d 726c 792d 6461 3033 .Ck.220-rly-da03 0x0040: 2e6d 782e 616f 6c2e 636f 6d20 4553 4d54 .mx.aol.com.ESMT 0x0050: 5020 6d61 696c 5f72 656c 6179 5f69 6e2d P.mail_relay_in- 0x0060: 6461 3033 2e34 3b20 5468 752c 2030 3920 da03.4;.Thu,.09. 0x0070: 4a75 6c20 3230 3039 2031 363a 3537 3a34 Jul.2009.16:57:4 0x0080: 3720 2d30 3430 300d 0a32 3230 2d41 6d65 7.-0400..220-Ame 0x0090: 7269 6361 204f 6e6c 696e 6520 2841 4f4c rica.Online.(AOL 0x00a0: 2920 616e 6420 6974 7320 6166 6669 6c69 ).and.its.affili 0x00b0: 6174 6564 2063 6f6d 7061 6e69 6573 2064 ated.companies.d etc. This looks good, but it still makes the actual message on the right difficult to read. Is there a way to view those messages in a more friendly way? UPDATE This made it pretty: tcpick -C -yP -r tcp_dump.pcap Thanks!

    Read the article

  • LogParser query to grab only external IP addresses from IIS logs?

    - by Josh
    I'm working on a public website that is used by both external visitors and internal employees. I'm after the external visitor hits, but I can't think of a good way to filter out the internal IP ranges. Using LogParser, what is the best way to filter IISW3C logs by IP range? This is all I've come up with so far, which can't possibly be the best or most efficient way. WHERE [c-ip] NOT LIKE (10.10.%, 10.11.%) Any help is appreciated.

    Read the article

  • Can Windows logoff events be tracked?

    - by Massimo
    I'm working on an application to track network user logon/logoff events in an Active Directory domain; the application will work by auditing security logs on domain controllers. Auditing logon events can get somewhat tricky, but it can succesfully be done. My problem: how can I track logoff events? Based on some research I've done, it looks like these events are only logged locally on workstations, but not on DCs; also, the "lastLogoff" attribute exists on AD user objects, but it's not actually used by anyone. This is a very specific question: is something logged on DCs when a user logs off from a domain workstation? To clarify: I'm not intereseted in other auditing mehods, I can't deploy logon/logoff scripts and I can't install anything anywhere; I also know opened and closed network sessions are logged, but this is not what I'm looking for. I need to audit interactive logons and logoffs to domain workstations, and I can do this by only reading domain controllers security logs; reading each workstation's local event logs is out of question. If this can't be done, it's ok; but I need a clear answer on that. Can this be done? If yes, how?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 52 53 54 55 56 57 58 59 60 61 62 63  | Next Page >