Logging

Logging

[Chris Rose]

Can anyone on the list suggest some tools for log reading?  i'm trying to 
audit my ftp server (proftpd) and i have no idea how to configure its 
logging, nor how best to view what it puts out.  i have Webmin, but the 
logging interface in there is pretty unclear to someone who's got nothing 
to start from, knowledge-wise.


Chris Rose
==========
1952 - 2001 = 42


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Logging

[Richard Adams]

On Wednesday 10 April 2002 05:46, Chris Rose wrote:
> Can anyone on the list suggest some tools for log reading?  i'm trying to
> audit my ftp server (proftpd) and i have no idea how to configure its
> logging, nor how best to view what it puts out.  i have Webmin, but the
> logging interface in there is pretty unclear to someone who's got nothing
> to start from, knowledge-wise.

Why would one want to ue a fancy program to read a simple text file, the 
program less allows the use of a search engine, hit the '/' key and a slash 
will appier at the bottom left of the screen, type a word to look for, then 
hit enter, to repeat hit the slash again and press enter or simply hit the 
space bar, the found word is highlighted.

>
> Chris Rose
> ==========
> 1952 - 2001 = 42

-- 
Regards Richard
pa3gcu@zeelandnet.nl
http://people.zeelandnet.nl/pa3gcu/

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Logging

[Chris Rose]

At 06:08 AM 10/04/2002 +0000, Richard Adams wrote:
>On Wednesday 10 April 2002 05:46, Chris Rose wrote:
> > Can anyone on the list suggest some tools for log reading?  i'm trying to
> > audit my ftp server (proftpd) and i have no idea how to configure its
> > logging, nor how best to view what it puts out.  i have Webmin, but the
> > logging interface in there is pretty unclear to someone who's got nothing
> > to start from, knowledge-wise.
>
>Why would one want to ue a fancy program to read a simple text file, the
>program less allows the use of a search engine, hit the '/' key and a slash
>will appier at the bottom left of the screen, type a word to look for, then
>hit enter, to repeat hit the slash again and press enter or simply hit the
>space bar, the found word is highlighted.

i think you're missing the point - what i'm looking for is not, per se, the 
mechanism used to read the log, so much as i'm looking for the means to 
make sense of what i'm seeing, and also which log files/settings of the 
daemon will provide me with stats on uploads/downloads from my ftp site.


Chris Rose
==========
1952 - 2001 = 42


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Logging

[Richard Adams]

On Wednesday 10 April 2002 06:36, Chris Rose wrote:

> >Why would one want to ue a fancy program to read a simple text file, the
> >program less allows the use of a search engine, hit the '/' key and a
> > slash will appier at the bottom left of the screen, type a word to look
> > for, then hit enter, to repeat hit the slash again and press enter or
> > simply hit the space bar, the found word is highlighted.
>
> i think you're missing the point - what i'm looking for is not, per se, the
> mechanism used to read the log, so much as i'm looking for the means to
> make sense of what i'm seeing, and also which log files/settings of the
> daemon will provide me with stats on uploads/downloads from my ftp site.

I dont think i am, i meant what i said, what i can tell you futher is that 
proftp.log does not really reveal much infomation at all, its "xferlog" in 
/var/log that tells all, 'man xferlog' will explain all there is to be known.

Just in case you may read my mail as being prudent here is what profftp log 
shows.
Aug 05 15:16:02 unix.pa3gcu proftpd[3839]

Date and time i am sure we all now what that is, unix.pa3gcu = the server 
name, proftpd[389] is the process number as would be shown by 'ps ax' when 
the connection was presant. Further on the same line in the log one would see;

unix.pa3gcu.ampr.org (192.168.1.160[192.168.1.160]): USER pa3gcu: Login 
successful

unix.pa3gcu.ampr.org is the fullservername (192.168.1.160[192.168.1.160]): is 
the IP# of the remote computer who just opened the ftp connect,
USER: pa3gcu = the user who logged in, that could be ftp or guest when 
anoymous is used, Login succesful means a valid passwd was used.
Any discrepancy's would be logged as well as the last entry on the line.
No more info is given, you now would refer to xferlog to get details of what 
was done in that connection.
See 'man xferlog' to get all the details on those entries.

I trust i have not missed the point in your eyes this time...

>
>
> Chris Rose
> ==========
> 1952 - 2001 = 42

-- 
Regards Richard
pa3gcu@zeelandnet.nl
http://people.zeelandnet.nl/pa3gcu/

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Compaq Armada 100S

[DFW II]

I just inherited a Compaq Armada 100S laptop computer and am thinking about 
installing Linux on the machine... Any recommendations for a distribution?

At 06:23 PM 4/10/02 +0000, Richard Adams wrote:
>On Wednesday 10 April 2002 06:36, Chris Rose wrote:
>
> > >Why would one want to ue a fancy program to read a simple text file, the
> > >program less allows the use of a search engine, hit the '/' key and a
> > > slash will appier at the bottom left of the screen, type a word to look
> > > for, then hit enter, to repeat hit the slash again and press enter or
> > > simply hit the space bar, the found word is highlighted.
> >
> > i think you're missing the point - what i'm looking for is not, per se, the
> > mechanism used to read the log, so much as i'm looking for the means to
> > make sense of what i'm seeing, and also which log files/settings of the
> > daemon will provide me with stats on uploads/downloads from my ftp site.
>
>I dont think i am, i meant what i said, what i can tell you futher is that
>proftp.log does not really reveal much infomation at all, its "xferlog" in
>/var/log that tells all, 'man xferlog' will explain all there is to be known.
>
>Just in case you may read my mail as being prudent here is what profftp log
>shows.
>Aug 05 15:16:02 unix.pa3gcu proftpd[3839]
>
>Date and time i am sure we all now what that is, unix.pa3gcu = the server
>name, proftpd[389] is the process number as would be shown by 'ps ax' when
>the connection was presant. Further on the same line in the log one would see;
>
>unix.pa3gcu.ampr.org (192.168.1.160[192.168.1.160]): USER pa3gcu: Login
>successful
>
>unix.pa3gcu.ampr.org is the fullservername (192.168.1.160[192.168.1.160]): is
>the IP# of the remote computer who just opened the ftp connect,
>USER: pa3gcu = the user who logged in, that could be ftp or guest when
>anoymous is used, Login succesful means a valid passwd was used.
>Any discrepancy's would be logged as well as the last entry on the line.
>No more info is given, you now would refer to xferlog to get details of what
>was done in that connection.
>See 'man xferlog' to get all the details on those entries.
>
>I trust i have not missed the point in your eyes this time...
>
> >
> >
> > Chris Rose
> > ==========
> > 1952 - 2001 = 42
>
>--
>Regards Richard
>pa3gcu@zeelandnet.nl
>http://people.zeelandnet.nl/pa3gcu/
>
>-
>To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
>the body of a message to majordomo@vger.kernel.org
>More majordomo info at  http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.linux-learn.org/faqs

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Compaq Armada 100S

[Brian Jung Myeng Lee]

Hello.

Hmm.. This could be a war between what distro's the best. =)
In my opinion, if you are a newbie, get Mandrake or RedHat then swtich
over to Slackware or Debian as soon as possible. (That is when you know
how to manage/run/fix stuff) I started with RH then switched to Slack,
then LFS. But I think it doesn't take a lot to learn those 'hard' distros.
They are all Linux (This is the word, but...) anyway.

Bye bye.

On Fri, 12 Apr 2002, DFW II wrote:

> I just inherited a Compaq Armada 100S laptop computer and am thinking about
> installing Linux on the machine... Any recommendations for a distribution?

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Compaq Armada 100S

[DFW II]

The only problem I can see is that it has a winmodem built into it.... May 
have to get a combo card for it.  Thanks for the opinions on the topic.

At 12:04 PM 4/12/02 -0400, Brian Jung Myeng Lee wrote:
>Hello.
>
>Hmm.. This could be a war between what distro's the best. =)
>In my opinion, if you are a newbie, get Mandrake or RedHat then swtich
>over to Slackware or Debian as soon as possible. (That is when you know
>how to manage/run/fix stuff) I started with RH then switched to Slack,
>then LFS. But I think it doesn't take a lot to learn those 'hard' distros.
>They are all Linux (This is the word, but...) anyway.
>
>Bye bye.
>
>On Fri, 12 Apr 2002, DFW II wrote:
>
> > I just inherited a Compaq Armada 100S laptop computer and am thinking about
> > installing Linux on the machine... Any recommendations for a distribution?

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Compaq Armada 100S

[Richard Adams]

On Sunday 14 April 2002 20:18, DFW II wrote:
> The only problem I can see is that it has a winmodem built into it.... May
> have to get a combo card for it.  Thanks for the opinions on the topic.

It may not be such a problem, my Armada E500 also has a winmodem in it, but 
there is a linux driver for my modem and i must say it works well.

You may want to look at the following sites for info on your make and type of 
modem.
http://linmodems.technion.ac.il/
http://www.idir.net/~gromitkc/winmodem.html

If its a lucent chip moden then you have a very good chance indeed.

-- 
Regards Richard
pa3gcu@zeelandnet.nl
http://people.zeelandnet.nl/pa3gcu/

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Compaq Armada 100S

[Ray Olszewski]

At 12:04 PM 4/12/02 -0400, Brian Jung Myeng Lee wrote:
>Hello.
>
>Hmm.. This could be a war between what distro's the best. =)

Not likely here. Only fools engage in this sort of debate, and fools are in
short supply on this list.

In any case, "best" isn't even well defined. You have to ask: "best for what
purpose"? As long as you use a current version of any of the major
distributions (that it be current is important so you have an up-to-date
kernel and the latest security patches), you will be OK on the basics. 

After that, it's a matter of what you like.

>In my opinion, if you are a newbie, get Mandrake or RedHat then swtich
>over to Slackware or Debian as soon as possible. (That is when you know
>how to manage/run/fix stuff) I started with RH then switched to Slack,
>then LFS. But I think it doesn't take a lot to learn those 'hard' distros.
>They are all Linux (This is the word, but...) anyway.

Here I would disagree. Unless you find the process of learning a distro's
idiosyncracies to be fun or educational, you should pick one and stick with
it. I found the move from Slackware to Debian to be painful, but now that
I'm used to Debian, I hate the thought of switching to, say, Red Hat ... not
because Debian is necessarily better, but just because Red Hat is different
in its details.

Stay away from Slackware unless you like to tinker; it does the least for
you in the way of automated setup and updates. (But if you DO like to tinker
at low level, definitely consider Slackware.) Pick one that is likely to be
around for a while (more of a concern these days, as the Linux portion of
the dot-com bust continues to play out). Debian, Red Hat, Mandrake, and
probably SuSE are the best bets, in no particular order.

  

--
------------------------------------"Never tell me the odds!"---
Ray Olszewski                                        -- Han Solo
Palo Alto, CA           	 	         ray@comarre.com        
----------------------------------------------------------------

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Compaq Armada 100S

[Richard Adams]

On Friday 12 April 2002 17:23, Ray Olszewski wrote:
> At 12:04 PM 4/12/02 -0400, Brian Jung Myeng Lee wrote:
> >Hello.
> >
> >Hmm.. This could be a war between what distro's the best. =)
>
> Not likely here. Only fools engage in this sort of debate, and fools are in
> short supply on this list.

lI'll second that Ray.

>
> In any case, "best" isn't even well defined. You have to ask: "best for
> what purpose"? As long as you use a current version of any of the major
> distributions (that it be current is important so you have an up-to-date
> kernel and the latest security patches), you will be OK on the basics.
>
> After that, it's a matter of what you like.
>
> >In my opinion, if you are a newbie, get Mandrake or RedHat then swtich
> >over to Slackware or Debian as soon as possible. (That is when you know
> >how to manage/run/fix stuff) I started with RH then switched to Slack,
> >then LFS. But I think it doesn't take a lot to learn those 'hard' distros.
> >They are all Linux (This is the word, but...) anyway.
>
> Here I would disagree. Unless you find the process of learning a distro's
> idiosyncracies to be fun or educational, you should pick one and stick with
> it. I found the move from Slackware to Debian to be painful, but now that
> I'm used to Debian, I hate the thought of switching to, say, Red Hat ...
> not because Debian is necessarily better, but just because Red Hat is
> different in its details.

As a user of many different distro's all i can say is i must agree with Ray, 
except for his remarks on slackware, however Ray is correct in saying what he 
did but what he did not say is, slackware "allows" you to configure things as 
you want them not as the distro thinks you will want them, thats the 
differance. 

>
> Stay away from Slackware unless you like to tinker; it does the least for
> you in the way of automated setup and updates. (But if you DO like to
> tinker at low level, definitely consider Slackware.) Pick one that is
> likely to be around for a while (more of a concern these days, as the Linux
> portion of the dot-com bust continues to play out). Debian, Red Hat,
> Mandrake, and probably SuSE are the best bets, in no particular order.

Huum, i must be a tinkerer ;-)
My Armada E500 has slackware Red and Mandrake, they all work as i want them 
to.

Thats my 2 $cents worth and my only mail on this subject.

>
>
> --
> ------------------------------------"Never tell me the odds!"---
> Ray Olszewski                                        -- Han Solo
> Palo Alto, CA           	 	         ray@comarre.com
> ----------------------------------------------------------------

-- 
Regards Richard
pa3gcu@zeelandnet.nl
http://people.zeelandnet.nl/pa3gcu/

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs