| 1 |
On Tuesday 17 Feb 2015 19:17:20 lee wrote: |
| 2 |
> Alan Mackenzie <acm@×××.de> writes: |
| 3 |
> > Hello, Lee. |
| 4 |
> > |
| 5 |
> > On Tue, Feb 17, 2015 at 07:26:05PM +0100, lee wrote: |
| 6 |
> >> Hi, |
| 7 |
> >> |
| 8 |
> >> how do you read the log files when using syslog-ng? |
| 9 |
> >> |
| 10 |
> >> The log file seem to be some sort of binary that doesn't display too |
| 11 |
> >> well in less, and there doesn't seem to be any way to read them. |
| 12 |
> > |
| 13 |
> > When I try "less /var/log/messages", less gives me what is basically a |
| 14 |
> > hex dump of the file. I'm assuming you see the same. |
| 15 |
> |
| 16 |
> Yes, that's what I was looking at. |
| 17 |
> |
| 18 |
> > less searches part of the buffer (presumably the first few KB) and if it |
| 19 |
> > finds non-printable characters, uses an input filter first to convert to |
| 20 |
> > the hex dump. |
| 21 |
> |
| 22 |
> Is that a new feature of less? I've never had this problem with any |
| 23 |
> other file. IIRC, unprintable characters, like null, used to be |
| 24 |
> displayed like ^@, and less always did a great job in preventing the |
| 25 |
> display from needing a reset without switching to an equivalent of |
| 26 |
> hexl-mode. |
| 27 |
> |
| 28 |
> |
| 29 |
> BTW, what happens when something writes to /var/log/messages? I noticed |
| 30 |
> today that the default shorewall.conf that ships with gentoo has that |
| 31 |
> set as logfile for shorewall. Shouldn't all messages going into |
| 32 |
> /var/log/messages go to syslog-ng instead when syslog-ng is used, with |
| 33 |
> nothing else writing to this file? |
| 34 |
|
| 35 |
It depends on what filters have been set in the configuration file of the |
| 36 |
application in question or syslog-ng. |
| 37 |
|
| 38 |
I use less -L /var/log/messages to see the content of the log files in plain |
| 39 |
text. At boot up I get a load of: |
| 40 |
|
| 41 |
Feb 16 07:54:04 |
| 42 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 43 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 44 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 45 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 46 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 47 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 48 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset |
| 49 |
Feb 16 07:54:04 |
| 50 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 51 |
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ |
| 52 |
|
| 53 |
being printed up. Perhaps I will disable cgroups in the kernel and see what |
| 54 |
gives. I don't use containers anyway. |
| 55 |
|
| 56 |
-- |
| 57 |
Regards, |
| 58 |
Mick |
Archives