So recently in my home setup I installed a scheme for centralized logging. I use rsyslog or syslog on the client servers and syslog-ng on the central server. This is nothing new and has been done before.

rsyslog + syslog-ng = gold.

I have a script which parses the syslog-ng logs across all the servers, filters them, and then sends and email with a summary and unusual logs. Each time I got an email I would get, on average, ~200-500 log messages of SELinux errors and...

Over the years we've seen quite a few "I want to log everything" questions asked for which I listed some pointers a while ago in several posts. To complement a recent "I want to capture all the operations performed in the terminal" question (thread: How to Capture a Unix Terminal Session?) I looked for Bash patches. Long story short: Bash 4 can be compiled with syslog support but still that shell will run as the user who logs in AFAIK. (So depending on your requirements for coverage...

Today I was having mac address problems. My corp network runs a mac filtered domain so in order to avoid the hassle of contacting IT (which are stupid) I simply copied the macs from other machines and issued them to my servers (I'm a technical head for my department). Well I didn't save the MAC address and the server was shutdown when we moved it which blew away the mac. What did I do? Search the logs for every MAC address ever.

...

Everybody dreads it. When you see it, it is difficult to know what to do. Luckily Unix provides utilities which allow us to traverse the filesystem and parse files quickly and effortlessly.

Here's a search command which will search all your log files for keywords such as shutdown, poweroff, and panic.

This will allow you to narrow which log files you...