Getting "--MARK--" in the generated logs----Please REPLY soon
Hi All, Since last three days I m getting the logs as follows: Dec 17 02:37:35 src@inoc-cabin3-17 -- MARK -- Dec 17 02:57:35 src@inoc-cabin3-17 -- MARK -- Dec 17 03:17:35 src@inoc-cabin3-17 -- MARK -- Dec 17 03:37:35 src@inoc-cabin3-17 -- MARK -- Dec 17 03:57:35 src@inoc-cabin3-17 -- MARK -- Dec 17 04:17:35 src@inoc-cabin3-17 -- MARK -- Dec 17 04:37:35 src@inoc-cabin3-17 -- MARK -- Dec 17 04:57:35 src@inoc-cabin3-17 -- MARK -- Dec 17 05:17:35 src@inoc-cabin3-17 -- MARK -- Dec 17 05:37:35 src@inoc-cabin3-17 -- MARK -- Can any one please let me know the reasons why this is happening????? I m attaching the file syslog-ng.conf configuration file.....Please check it and inform me.... "Faliure is not getting knocked down, it's not getting up again" --------------------------------- 5, 50, 500, 5000 - Store N number of mails in your inbox. Click here.
On Mon, 17 Dec 2007 10:34:54 GMT, ROHIT SAXENA said:
--0-471570365-1197887694=:71825
Since last three days I m getting the logs as follows:
Dec 17 02:37:35 src@inoc-cabin3-17 -- MARK --
Can any one please let me know the reasons why this is happening?????
source src { #pipe("/proc/kmsg"); unix-stream("/dev/log"); internal(); udp();
This 'udp();' is probably your culprit. Most likely, the machine called 'inoc-cabin3-17' is chugging off a 'MARK' every 20 minutes because it hasn't logged any *other* syslog traffic in the interim (very handy so you can tell the difference between "machine crashed sometime between 11:34PM (last msg) and 8AM when we found it dead" and "machine was alive at 3:45 because it MARK'ed, and dead at 4AM because it didn't"...) Now, if you don't know who 'inoc-cabin3-17' is, that's a *different* problem ;)
participants (2)
-
ROHIT SAXENA
-
Valdis.Kletnieks@vt.edu