Re: turn on timestamps in kernel log messages?
- In reply to: Pete Wright : "Re: turn on timestamps in kernel log messages?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 31 Aug 2022 09:57:12 UTC
On Mon, Aug 29, 2022 at 04:04:24AM +0000, Pete Wright wrote: >might be worth adjusting your syslog.conf to capture all kern.* >messages, then they'll land in /var/log/messages or somewhere similar >and have human readable timestamps. here's an example from my >/var/log/messages file: > >Aug 26 15:50:30 topanga kernel: tun0: link state changed to Up What I'm after is for the timestamps to appear in the periodic email for kernel log messages. They *do* appear in /var/log/messages. For example, /var/log/messages contains this Aug 28 19:44:45 svr kernel: [2526502] tap3: link state changed to DOWN Aug 28 19:51:09 svr kernel: [2526886] tap3: link state changed to UP Aug 28 19:54:57 svr kernel: [2527114] tap3: link state changed to DOWN Aug 28 19:55:07 svr kernel: [2527124] tap3: link state changed to UP Aug 28 19:56:54 svr kernel: [2527231] tap3: link state changed to DOWN The subsequent periodic daily email contains these entries +[2526502] tap3: link state changed to DOWN +[2526886] tap3: link state changed to UP +[2527114] tap3: link state changed to DOWN +[2527124] tap3: link state changed to UP +[2527231] tap3: link state changed to DOWN +[2527242] tap3: link state changed to UP I'd like the email to contain the entries as they were in /var/log/messages. It seems kind of odd that the timestamps are stripped out in the email for kernel messages yet they are intact in the same email for smtp relay failures and sshd bruteforcers. --