Search Results

Search found 55692 results on 2228 pages for 'error logging'.

Page 8/2228 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Remote Desktop failed logon event 4625 not logging correctly on 2008 Terminal Services server

    - by Zone12
    When I use the new remote desktop with ssl and try to log on with bad credentials it logs a 4625 event as expected. The problem is, it doesn't log the ip address, so I can't block malicious logons in our firewall. The event looks like this: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{00000000-0000-0000-0000-000000000000}" /> <EventID>4625</EventID> <Version>0</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2012-04-13T06:52:36.499113600Z" /> <EventRecordID>467553</EventRecordID> <Correlation /> <Execution ProcessID="544" ThreadID="596" /> <Channel>Security</Channel> <Computer>ontheinternet</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-0-0</Data> <Data Name="SubjectUserName">-</Data> <Data Name="SubjectDomainName">-</Data> <Data Name="SubjectLogonId">0x0</Data> <Data Name="TargetUserSid">S-1-0-0</Data> <Data Name="TargetUserName">notauser</Data> <Data Name="TargetDomainName">MYSERVER-PC</Data> <Data Name="Status">0xc000006d</Data> <Data Name="FailureReason">%%2313</Data> <Data Name="SubStatus">0xc0000064</Data> <Data Name="LogonType">3</Data> <Data Name="LogonProcessName">NtLmSsp</Data> <Data Name="AuthenticationPackageName">NTLM</Data> <Data Name="WorkstationName">MYSERVER-PC</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">-</Data> <Data Name="IpPort">-</Data> </EventData> </Event> It seems because the logon type is 3 and not 10 like the old rdp sessions, the ip address and other information is not stored. The machine I am trying to connect from is on the internet and not on the same network as the server. Does anyone know where this information is stored (and what other events are generated with a failed logon)? Any help will be much appreciated.

    Read the article

  • Apache logging issues

    - by Dan
    I'm trying to parse apache log files, but I'm finding some strange results and I'm not sure what they mean. Hopefully someone can provide some insight. (all of the IP addresses were altered. none actually start with 192, I didn't figure the search engines mattered though.) In the first example, multiple ip addresses are showing up in the host field: 192.249.71.25 - - [04/Aug/2009:04:21:44 -0500] "GET /publications/example.pdf HTTP/1.1" 200 2738 192.0.100.93, 192.20.31.86 - - [04/Aug/2009:04:21:22 -0500] "GET /docs/another.pdf HTTP/1.0" 206 371469 What causes this? Does it have to do with proxy servers? Is there a way to have Apache only log one? In the second example, a bunch of information is just completely missing! What would cause this? msnbot-65-55-207-50.search.msn.com - - [29/Dec/2009:15:45:16 -0600] "GET /publications/example.pdf HTTP/1.1" 200 3470073 "-" "msnbot/2.0b (+http://search.msn.com/msnbot.htm)" 266 3476792 - - - - "-" - - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)" 285 594 - - - - "-" - - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)" 285 4195 - - - - "-" - - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)" 299 109218 crawl-17c.cuil.com - - [29/Dec/2009:15:45:46 -0600] "GET /publications/another.pdf HTTP/1.0" 200 101481 "-" "Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html)" 253 101704 My CustomLog configuration says: LogFormat "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\" %I %O" common

    Read the article

  • Enabling login logging in Ubuntu 9.10

    - by Sopa Christian
    On a Ubuntu 9.10 system: $ uname -a Linux ionut-laptop 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686 GNU/Linux the files /var/log/wtmp and /var/log/btmp are empty: $ ls -la /var/log/?tmp -rw-rw---- 1 root utmp 0 2010-04-10 16:54 /var/log/btmp -rw-rw-r-- 1 root utmp 0 2010-04-10 16:54 /var/log/wtmp Because of this, the last(1) command is not working. What to do?

    Read the article

  • Centralized logging for JBoss / log4j? [closed]

    - by mfarver
    Does anyone have advice or a pointer to articles on how to centralize logs in JBoss? JBoss will log to syslog, which makes it easy, but doing so breaks multi line debug messages (and Jboss loves dropping exception stack traces in the logs). I can rsync the logs, but that isn't realtime. Log4j has appenders for TCP and multicast sockets, so it seems like something probably exists for streaming logs, but I haven't found a receiver for the data. Thanks

    Read the article

  • Logging all Firefox HTTP Request Headers?

    - by Hayek
    I'm using Ruby+Watir to request pages through Firefox. I would like to record the headers and content of every http request made through the browser. Would it be possible to configure a proxy solution to store this information, either in a file or pipe it into an application? I'm running Ubuntu x64. // Edit: I would like to store the data in logs because I would like to view it later. Preferably, I am looking for a solution that runs quietly in the background and stores the headers/content in files.

    Read the article

  • Kernel Logging disabled?

    - by Tiffany Walker
    uname -a Linux host 2.6.32-279.9.1.el6.i686 #1 SMP Tue Sep 25 20:26:47 UTC 2012 i686 i686 i386 GNU/Linux And start ups: ls /etc/init.d/ abrt-ccpp certmonger dovecot irqbalance matahari-broker mdmonitor nfs proftpd rpcbind single ypbind abrtd cgconfig functions kdump matahari-host messagebus nfslock psacct rpcgssd smartd abrt-oops cgred haldaemon killall matahari-network mysqld ntpd qpidd rpcidmapd sshd acpid cpuspeed halt ktune matahari-rpc named ntpdate quota_nld rpcsvcgssd sssd atd crond httpd lfd ma tahari-service netconsole oddjobd rdisc rsyslog sysstat auditd csf ip6tables lvm2-lvmetad matahari-sysconfig netfs portreserve restorecond sandbox tuned autofs cups iptables lvm2-monitor matahari-sysconfig-console network postfix rngd saslauthd udev-post But when I installed CSF/LFD I am getting nothing. LFD does not create lfd.log and nor are any blocks being logged in /var/log/messages either from the firewall. This is not natural. I looked for klogd but maybe I am looking in the wrong place for it to see if it is enabled? ls /etc/init.d/syslog ls: cannot access /etc/init.d/syslog: No such file or directory Also noticed no syslog? Also noticed this: csf -d 84.113.21.201 Adding 84.113.21.201 to csf.deny and iptables DROP... iptables: No chain/target/match by that name. iptables: No chain/target/match by that name. I've never seen this before and this is a dedicated box. Also: ./csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination

    Read the article

  • Logging Apache2 payload to evaluate SOAP message

    - by Phil
    I am trying to log webservice specific information with Apache (Apache acts as a load-balancer by use of mod_jk). For instance I want to know how long the responsetime of each webservice-call takes. To do this I definitely would need to know the name of the webservice-method in the log-file. As a matter of fact, the name of the webservice-method is wrapped in the SOAP-body, to which I have no access to with the default-configuration. Does anybody know an Apache module to extend the log-information? Or are there any other ideas to solve this challenge? Thx!

    Read the article

  • Enabling Linux login logging in wtmp

    - by jean88
    On a Ubuntu 9.10 system: $ uname -a Linux ionut-laptop 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686 GNU/Linux the files /var/log/wtmp and /var/log/btmp are empty: $ ls -la /var/log/?tmp -rw-rw---- 1 root utmp 0 2010-04-10 16:54 /var/log/btmp -rw-rw-r-- 1 root utmp 0 2010-04-10 16:54 /var/log/wtmp Because of this, the last(1) command is not working. What to do?

    Read the article

  • Logging with Resource Monitor?

    - by Jay White
    I am having sudden spikes in disk read activity, which can tie up my system for a few seconds at a time. I would like to figure out the cause of this before I set my machine to go live. With Performance Monitor I know I can log activity, but this does not show me individual processes that cause a spike. Resource Monitor allows me to see processes, but I have no way to keep logs. It seems unless I have Resource Monitor open at the time of a spike, I will not be able to identify the process causing the spike. Can someone suggest a way to log with Resource Monitor, or an alternative tool that can?

    Read the article

  • Tool for logging NIC link state events.

    - by Alan B
    Intel NICs have a driver option (in Windows) that will log link state events to the system log, so if the network drops out periodically you can determine that fact. Does anyone know of a simple generic solution that does this, in other words one that is not part of the driver from a particular manufacturer? I know there are plenty of 'big iron' network monitoring tools out there but surely there's something really simple that runs as a service in Windows with minimal setup ? TIA

    Read the article

  • Logfiles filling with iptables logging

    - by Peter I
    OS: Debian 6 Server Version I have different logfiles which are filling up: user@server:/var/log$ ls -lahS | head total 427G -rw-r--r-- 1 root root 267G Nov 2 17:29 bandwidth -rw-r----- 1 root adm 44G Nov 2 17:29 kern.log -rw-r----- 1 root adm 27G Nov 2 17:29 debug -rw-r----- 1 root adm 23G Oct 27 06:33 kern.log.1 -rw-r----- 1 root adm 17G Nov 2 17:29 messages -rw-r----- 1 root adm 14G Oct 27 06:33 debug.1 -rw-r----- 1 root adm 12G Nov 2 17:29 syslog -rw-r----- 1 root adm 12G Nov 1 06:26 syslog.1 -rw-r----- 1 root adm 9.0G Oct 27 06:33 messages.1 So I looked up the file /etc/iptables.up.rules which had those lines in it: -A FORWARD -o eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT: -A FORWARD -i eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN: -A OUTPUT -o eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT: -A INPUT -i eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN: So deleting those lines will solve my problem. But how would I edit those lines without losing their functionality?

    Read the article

  • Complex Apache Logging

    - by Shishant
    Hello, I have a file hosting site and I want to know what should be the apache log format/code to log records for only filesizes above 5mb that were served as download/output bandwidth So log looks like this visitors_ip filepath(or filename) output bandwidth One more thing data should be recorded ONLY FOR COMPLETED DOWNLOADS which I believe is checked through %X I think output bandwidth is same as the filesize that was served as download if whole file is downloaded. Thank You

    Read the article

  • Clean logging with BASH

    - by Matt Krouse
    I have a script that deletes files 7 days or older and then logs them to a folder. It logs and deletes everything correctly but when I open up the log file for viewing, its very sloppy. log=$HOME/Deleted/$(date) find $HOME/OldLogFiles/ -type f -mtime +7 -delete -print > "$log" The log file is difficult to read Example File Output: (when opened in notepad) /home/u0146121/OldLogFiles/file1.txt/home/u0146121/OldLogFiles/file2.txt/home/u0146121/OldLogFiles/file3.txt Is there anyway to log the file nicer and cleaner? Maybe with the Filename, date deleted, and how old it was? Any suggestions help!

    Read the article

  • Logging Remote Server Access via Remote Desktop

    - by Nate Bross
    The objective here is to start a simple .NET application I've written which captures some environment variables (time, username, computername, etc) upon login. This .NET application subscribes to the Windows "User logout" event. Upon launch, the application captures the above variables, and creates a record in my database, upon logout (which I'm capturing) I update another field in the same record, with the logout time. The above is working exactly as I would like, when I launch the binary, it makes its initial log entry, then waits for the logout event and updates the same record. Restrictions, the .NET binary should be able to live on a share point (\server\share\myapp\v1) so I can update the application to (\server\share\myapp\v2) and simply update the GPO/Logon script. My initial thought was to use the \domaincontroller\sysvol\ directory to store the binary and then update all user accounts to include a call to my application. Can you see any flaws in this approach? My question is this: First, is there anything wrong with my idea above? Second, if so, what is the best way (through group policy or otherwise) to ensure this application launches whenever a session is started on a server?

    Read the article

  • OSSIM - Snort/OSSEC/Nagios Logging Config Question

    - by user15736
    Quick n00b OSSIM question. I've looked around but haven't found exactly what I'm looking for. I currently have a Nagios, OSSEC, Nessus, and Snort server and I want to keep those servers active but just ship the logs to the OSSIM server and have it do the correlating and graphing. Can that be done? Everything I've seen is putting the various software functions actually on the OSSIM box but I don't want to do that. I'm running CentOS on all of the systems. Thanks.

    Read the article

  • Setting up logging for a remote backup script

    - by Brian Dainis
    So I wrote up a short script that I am planning to run via a cron job daily to package up my site files and send them to a remote location. I also plan to incorporate DB dumps, but I have not gotten that far yet. My issue today however is that Im am uncertain how to log the output of each command for errors, warnings, or other pertinent information the command may output. I would also like to install sometype of fail safe so if something goes horribly wrong the script will stop dead in its tracks and notify me via email or something. Ok the email thing is not as critical, but would be nice. Does anybody have any ideas for that? Here is what I have so far. By the way, both servers are CentOS 6.2 running standard LAMP. #!/bin/sh ################################# ### Set Vars ################################# THEDATE=`date +%m%d%y%H%M` ################################# ### Create Archives ################################# tar -cf /root/backups/files/server_BAK_${THEDATE}.tar -C / var/www/vhosts gzip /root/backups/files/server_BAK_${THEDATE}.tar ################################# ### Send Data to Remote Server ################################# scp /root/backups/files/server_BAK_${THEDATE}.tar.gz user@host:/home/bak1/ftp/backups/ ################################# ### Remove Data from this Server ################################# rm -rf /root/backups/files/server_BAK_${THEDATE}.tar.gz

    Read the article

  • Logging the client IP with Nginx/Varnish/Apache

    - by jetboy
    I have Nginx listening on port 443 as an SSL terminator, and proxying unencrypted traffic to Varnish on the same server. Varnish 3 is handling this traffic, and traffic coming in directly on port 80. All traffic is passed, unencrypted, to Apache instances on other servers in the cluster. The Apache instances use mod_rpaf to replace the logged client IP with the contents of the X-Forwarded-For header. My problem is that if the traffic is coming via Nginx, while the 'correct' client IP is getting logged in the VarnishNCSA logs, it looks as if Varnish is (understandably) replacing Nginx's X-Forwarded-For header with 127.0.0.1 downstream, and this is getting logged with Apache. Is there a nice simple way to stop Varnish rewriting X-Forwarded-For if it's already populated?

    Read the article

  • Logging in worker threads spawned from a pylons application does not seem to work

    - by TimM
    I have a pylons application where, under certain cirumstances I want to spawn multiple worker threads to process items in a queue. Right now we aren't making use of a ThreadPool (would be ideal, but we'll add that in later). The main problem is that the worker threads logging does not get written to the log files. When I run the code outside of the pylons application the logging works fine. So I think its something to do with the pylons log handler but not sure what. Here is a basic example of the code (trimmed down): import logging log = logging.getLogger(__name__) import sys from Queue import Queue from threading import Thread, activeCount def run(input, worker, args = None, simulteneousWorkerLimit = None): queue = Queue() threads = [] if args is not None: if len(args) > 0: args = list(args) args = [worker, queue] + args args = tuple(args) else: args = (worker, queue) # start threads for i in range(4): t = Thread(target = __thread, args = args) t.daemon = True t.start() threads.append(t) # add ThreadTermSignal inputData = list(input) inputData.extend([ThreadTermSignal] * 4) # put in the queue for data in inputData: queue.put(data) # block until all contents are downloaded queue.join() log.critical("** A log line that appears fine **") del queue for thread in threads: del thread del threads class ThreadTermSignal(object): pass def __thread(worker, queue, *args): try: while True: data = queue.get() if data is ThreadTermSignal: sys.exit() try: log.critical("** I don't appear when run under pylons **") finally: queue.task_done() except SystemExit: queue.task_done() pass Take note, that the log lin within the RUN method will show up in the log files, but the log line within the worker method (which is run in a spawned thread), does not appear. Any help would be appreciated. Thanks ** EDIT: I should mention that I tried passing in the "log" variable to the worker thread as well as redefining a new "log" variable within the thread and neither worked. ** EDIT: Adding the configuration used for the pylons application (which comes out of the INI file). So the snippet below is from the INI file. [loggers] keys = root [handlers] keys = wsgierrors [formatters] keys = generic [logger_root] level = WARNING handlers = wsgierrors [handler_console] class = StreamHandler args = (sys.stderr,) level = WARNING formatter = generic [handler_wsgierrors] class = pylons.log.WSGIErrorsHandler args = () level = WARNING format = generic

    Read the article

  • BIRT logging in the onFetch step of a dataset

    - by Mark Underwood
    Hi all, Im having trouble with some javascript in the onFetch step of a dataset in a BIRT report. I've added logging in the initialise step of the report in a few different ways. The runtime im using is Tivoli Common Reporting, and they supply a logging framework. Its initialised as so reportContext.setPersistentGlobalVariable("logfileName", "DateRangeParm.log"); setupLogging(); logInitialize(); debugLogger("Started logging in initialize step"); debugLogger("Date: " + new Date()); This works fine to log on the steps of the report(ie initialise, BeforeRender, AfterRender etc.) but I cant seem to log anything in the Dataset steps such as onFetch etc. Ive also tried importPackage(Packages.java.util.logging); var fileHandler = new FileHandler("/tmp/birt.log", true); var rootLogger = Logger.getLogger(""); rootLogger.addHandler(fileHandler); as the BIRT instructions tell me to do in the BIRTFAQ Once again this allowed me to log things in the main report (ie BeforeRender etc) but not in the dataset onFetch Step. Ive also tried putting the previous javascript into the onFetch and that didnt seem to work either. Its a bit of a mystery. Im running Ubuntu 9.04. IBM java 1.5. Eclipse 3.5.0 and BIRT 2.5.1. Any help would be great.

    Read the article

  • No Commons Logging in Android?

    - by Joe Boese
    Hello all, I have a pretty big library I developed specifically for use in my Android Application. However business logic itself has no dependency on Android. To preserve that, I used Commons Logging throughout this library and it's respective JUnit tests (which I run in Eclipse). However now that I am starting to integrate it into an Activity which I launch on Android, I am unable to get my logging to work. In Eclipse/JUnit, I had simply pulled in log4j's jar file as well as a log4j.properties file. This doesn't seem to work when deploying to a device. After struggling with attempting to get that to work for several hours, I gave up and tried replacing all my commons logging stuff with android.util.Log. Now I can log on the device.. but all JUnit tests are broken. When any JUnit tries to log using android.util.Log, it throws a RuntimeException 'Stub!'. I would prefer to revert to my commons logging approach.. if anyone can help with that.. otherwise.. what can I do to get my JUnit test cases running using 'android.util.Log'? Many thanks in advance.. I've spent more than a few hours on this and I'd like to move on to writing real code again! Joe

    Read the article

  • Where does java.util.logging.Logger store their log

    - by Harry Pham
    This might be a stupid question but I am a bit lost with java Logger private static Logger logger = Logger.getLogger("order.web.OrderManager"); logger.info("Removed order " + id + "."); Where do I see the log? Also this quote from java.util.logging.Logger library: On each logging call the Logger initially performs a cheap check of the request level (e.g. SEVERE or FINE) against the effective log level of the logger. If the request level is lower than the log level, the logging call returns immediately. After passing this initial (cheap) test, the Logger will allocate a LogRecord to describe the logging message. It will then call a Filter (if present) to do a more detailed check on whether the record should be published. If that passes it will then publish the LogRecord to its output Handlers. Does this mean that if I have 3 request level log: logger.log(Level.FINE, "Something"); logger.log(Level.WARNING, "Something"); logger.log(Level.SEVERE, "Something"); And my log level is SEVERE, I can see all three logs, if my log level is WARNING, then I cant see SEVERE log, is that correct? And how do I set the log level?

    Read the article

  • c++ simple conditional logging

    - by Sunny
    Disclaimer: I'm not a c++ developer, I can only do basic things. (I understand pointers, just my knowledge is so rusty, I haven't touch c/c++ for about 20 years :) ) The setup: I have an Outlook addin, written in C#/.Net 1.1. It uses a c++ shim to load. Usually, this works pretty well, and I use in my c# code nlog for logging purposes. But sometimes, the addin fails to load, i.t. it does not hit the managed code at all for me to be able to investigate the problem from the log files. So, I need to hook some basic logging into the c++ shim - just writing in a file. I need to make it as simple as possible for our users to enable. Actually I would prefer not to ship it by default. I was thinking about something, which will check if a specific dll is present (the logging dll), and if so, to use it. Otherwise, it will just not log anything. That way, when I have a user with such a problems, I can send him only the logging dll, the user will save it in the runtime directory, and I'll have the file. I guess this have to be done with some form a factory solution, which returns either a dummy logger, or if the dll is found, a real one. Another option would be to make some simple logger, and rebuild the shim with or w/o using it, based on directives. This is not the desirable approach, because the shim needs to be signed, and I have to instruct the user to make a backup copy of the "real" one, then restore when done, etc., instead of just saving and deleting a dll. I'd appreciate any good suggestion how to approach it, together with links or sample code how to go after this. Cheers

    Read the article

  • How to recover from a fatal error "Allowed memory size exhausted"

    - by Matthieu
    Hi everybody, Do you know any solution to recover from the PHP fatal error : "Allowed memory size ... exhausted" I have a shutdown function that is called when a fatal error appear. This function create an ErrorException from it, and logs it. The problem is : when there is no more memory available, it can't log the error (I log in Firebug, via FirePHP, with Zend Framework). So what i mean by "how to recover from it", is how to perform basic error log, and let Zend Framework send the Headers, so that the error is logged (in Firebug in my case) as any other error ? Thanks

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >