[Users] Access to kernel logs in VE
Dmitry Mishin
dim at openvz.org
Fri Dec 29 11:01:12 EST 2006
On Friday 29 December 2006 17:44, Jan Tomasek wrote:
> Dmitry Mishin wrote:
> > On Friday 29 December 2006 17:11, Jan Tomasek wrote:
> >> Hello,
> >>
> >> I need advice how to konfigure kernel loging for VE. I'm interested in
> >> iptables logs. By default all log mesages goes to log files of HW node.
> >> That can get realy messy when number of VE is growing.
> > It was recently fixed for devel kernels
>
> I'm using 2.6.18-028test007. Is it in there?
No, it is git version only right now.
http://git.openvz.org/?p=linux-2.6.18-openvz;a=commit;h=356e4674820ed23c9410f7870def17b70f4fddac
>
> > - you may use ipt_LOG for loging to
> > per-VE log, as it is for stable kernels quite a long ago.
>
> I'm using in iptables:
>
> $IPT -A ssh -i $EXTERNAL -p tcp -m limit --limit $LIMIT -j LOG
> --log-prefix "wiki: DROP-ssh "
Yes, it is ipt_LOG target and it is fixed by above commit. Just wait for next
kernel or apply above patch yourself.
>
> But it ends in HW node logs. Where is syslog in VE suposed to listen?
> I'm using syslog-ng with this setup:
>
> source src {
> pipe("/proc/kmsg" log_prefix("kernel: "));
> unix-dgram("/dev/log");
> internal();
> };
>
> and it receive nothing.
--
Thanks,
Dmitry.
More information about the Users
mailing list