writing logs in /var/adm/utmp vs /var/adm/utmpx

have 2 similar rhel6 servers but they behave different, while one creates login records in /var/adm/utmp, the other logs in /var/adm/utmpx, bot thave the same kernel and grub.conf configuration.

We’re planning on replacing these servers soon but still, it puzzles me.

here are the grub.conf files for each:

Server1:

# grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE:  You have a /boot partition.  This means that #          all kernel and initrd paths are relative to /boot/, eg. #          root (hd0,0) #          kernel /vmlinuz-version ro root=/dev/mapper/rootVG-rootVol #          initrd /initrd-[generic-]version.img #boot=/dev/sda default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu password --encrypted <removed> title Red Hat Enterprise Linux Server (2.6.32-754.14.2.el6.x86_64)     root (hd0,0)     kernel /vmlinuz-2.6.32-754.14.2.el6.x86_64 ro root=/dev/mapper/rootVG- rootVol rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=rootVG/rootVol  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet     initrd /initramfs-2.6.32-754.14.2.el6.x86_64.img title Red Hat Enterprise Linux Server (2.6.32-754.10.1.el6.x86_64)         root (hd0,0)         kernel /vmlinuz-2.6.32-754.10.1.el6.x86_64 ro root=/dev/mapper/rootVG-rootVol rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=rootVG/rootVol  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet         initrd /initramfs-2.6.32-754.10.1.el6.x86_64.img 

Here is server2:

# grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE:  You have a /boot partition.  This means that #          all kernel and initrd paths are relative to /boot/, eg. #          root (hd0,0) #          kernel /vmlinuz-version ro root=/dev/mapper/rootVG-rootVol #          initrd /initrd-[generic-]version.img #boot=/dev/sda default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu password --encrypted <removed> title Red Hat Enterprise Linux Server (2.6.32-754.14.2.el6.x86_64)     root (hd0,0)     kernel /vmlinuz-2.6.32-754.14.2.el6.x86_64 ro root=/dev/mapper/rootVG-rootVol rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=rootVG/rootVol  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet     initrd /initramfs-2.6.32-754.14.2.el6.x86_64.img title Red Hat Enterprise Linux Server (2.6.32-754.10.1.el6.x86_64)     root (hd0,0)     kernel /vmlinuz-2.6.32-754.10.1.el6.x86_64 ro root=/dev/mapper/rootVG-rootVol rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=rootVG/rootVol  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet     initrd /initramfs-2.6.32-754.10.1.el6.x86_64.img 

virt-install hangs, no apparent error in logs and virsh list later shows its running after ctrl c exit, no domifaddr though

Got thrown into a situation managing boxes that the person before me used virt, so trying to come up to speed. As a test doing a virt-install of this:

virt-install --virt-type=kvm --name kosmos-icc --ram 1000 --os-variant=centos7.0 --cdrom=/var/lib/libvirt/boot/CentOS-7-x86_64-Minimal-1810.iso --network=bridge=virbr0,model=virtio --graphics vnc --disk path=/var/lib/libvirt/images/centos7.qcow2,size=8,bus=virtio,format=qcow2 --boot userserial=on 

It runs with this:

WARNING  Graphics requested but DISPLAY is not set. Not running virt-viewer. WARNING  No console to launch for the guest, defaulting to --wait -1  Starting install... Allocating 'centos7.qcow2'                                                                                                                                                | 8.0 GB  00:00:00      Domain installation still in progress. Waiting for installation to complete. 

Then hangs, I can hit ctrl-c and get my prompt back, doing a virsh list shows that it is running but doing a virsh domifaddr kosmos-icc shows nothing (the other one that is generic and was installed using the gui) shows the ip address (that i can ssh into) from the machine.

So not sure why it isn’t completing or if it is and being silent about it or if I am missing a switch. I was assuming the virbr0 was the way to go with the network. So still learning virsh/virt and seeing if I can via a command line install a VM and then replicate the process on a non test machine.

The install logs in /root/.cache/virt-manager show no real errors… in fact shows:

[Wed, 19 Jun 2019 11:28:38 virt-install 351] DEBUG (guest:441) XML fetched from libvirt object:  ... the xml ...   [Wed, 19 Jun 2019 11:28:38 virt-install 351] DEBUG (virt-install:744) Domain state after install: 1 

that state after install is the last line before the log sees my ctrl-c keyboard interrupt.

Googke K8s – Stackdriver Kubernetes Engine Monitoring is enabled but cant see logs in Logs Viewer

Google K8S – Master version 1.13.6-gke.6

On my K8S cluster is Stackdriver Kubernetes Engine Monitoring Enabled, Legacy Stackdriver Logging Disabled, Legacy Stackdriver Monitoring Disabled.

PROBLEM: I get monitoring information in stackdriver dashboards but I cant see logs in google Logs Viewer (also nothing with gcloud logging read “resource.type=k8s_container” to this cluster)

If I switch to Legacy Stackdriver Monitoring and Legacy Stackdriver Logging, it works (with resource.type=container).

Cluster use service with permission (Role editor (owner not help))

  • https://www.googleapis.com/auth/logging.write
  • https://www.googleapis.com/auth/monitoring

Permissions for cluster

  • Stackdriver Logging API – Write Only
  • Stackdriver Monitoring API – Full

On every node runing fluentd-gcp-*

How to correctly setup Crashlytics in iOS app with own framework in order to get logs and keys from the framework?

I have a Xcode project in which the data layer is separated in a framework in order to be shared between the main iOS app and the Today extensions. I have followed the general setup instructions here and the instruction for multiple targets here. I do get crash reports from both the app and the data framework. However, in the crash report I find only logs (CLSLog(@"Bla bla")) and keys ([CrashlyticsKit setObjectValue:@"value" forKey:@"key"]) from the main app. Logs and keys from the data framework are not recorded in the crash report even though I have verified code passes through them. As a simple example – user logs in and I set the user identifier from the data framework; then a crash happens in the app and in the crash report there is no user identifier.

I have seen this topic in which the recommendation is to not include Crashlytics in a framework that is intended to be distributed as a third party library. This is not a concern in my case and it also hints at the possibility of including Crashlytics both in the app and framework.

So my questions are:

  1. Is it possible at all to get crash reports with logging and keys from both the main app and the framework?
  2. If yes – what is the correct setup?

Google cloud VPC Firewall rule does not show any rejected logs

I have Google VPC firewall rule to allow ssh(default tcp:22) access to a compute instance VM, this firewall rule has the highest priority in the VPC. The firewall rule has logging turned on.

When looking in the Google Stackdriver Logging console i can see entries for ALLOWED connection. When i try to ssh to this host from a host that is not allowed to access it fails as expected but no log entry is showing in the Logging console.

I am assuming REJECTED entries should also be logged. What could be the reason for this?

MacBook Pro 2017 suspicious data logs that I don’t know what they mean and think its a spying app

my Boyfriend is a computer programmer and a really good one and like the best in texas and i ask him but if he is monitoring me then of couerse he wouldnt tell me the correct answer so my question are alot but will only ask a few . so what are proxies and what does bypass proxie mean i know some of what it is but dont know what to look for or what are red flag as far as the words in the coding. so anyone with info on what shoiuld i look for and as well as what to look for when i look at the data and logs and specisfic words in coding lingo. thank you so much and i appreciate it.. enter image description here

where can i find the logs of ionic and Loopback

i am building a project with Loopback and Ionic ,my ionic app and loopback server are not communicating , the api URL is fine.Even though iam not able to login using the api,thus i wanted to find the reasons for the not logging in ,i am trying to find the log file where everthing is recorded for the starting of server to ending of it .

I tried looking for log files

Can I use audit logs to determine if an end user device has a synced copy of a library?

We are actively looking at o365 in our organization. One of the barriers for entry is we want to use Document Libraries to serve content to end users. These documents are required to be up to date on end user devices. If they are not and an audit happens bad things could happen to the company.

In a trial environment we have Auditing turned on and I am seeing logs. However I can only see things like Accessed File, Download File etc. Understandably there does not appear to be an entry like “Synced Library”.

End users will only have one device so I should not have to worry about library state on multiple end points.

Can I use the data from the Audit Logs to accurately determine the sync status of a library on an end user device i.e. is the device out of date?

Some of these documents will not change for years so I could never see activity for a given file meaning 90 days worth of activity might make this hard to work with.