Security | Kernel message
Jeremy Chadwick
koitsu at FreeBSD.org
Tue Oct 28 09:32:40 PDT 2008
On Tue, Oct 28, 2008 at 05:26:03PM +0100, Jos Chrispijn wrote:
> A prt of my daily security run:
>
> triton.xxx.xxx.xxx kernel log messages:
> +++ /tmp/security.VnqB8ZT6 2008-10-27 23:53:32.000000000 +0100
> +em0: link state changed to DOWN
> +em0: link state changed to UP
> +em0: link state changed to DOWN
> +em0: link state changed to UP
> +em0: link state changed to DOWN
> +em0: link state changed to UP
>
> Is there a way of adding the time on every DOWN and UP line?
No, because the messages are in the kernel log. The kernel itself does
not print timestamps, because that's silly.
Try doing this:
1) Edit /etc/syslog.conf and enable /var/log/all.log,
2) touch /var/log/all.log
3) chown root:wheel /var/log/all.log
4) chmod 600 /var/log/all.log
5) killall -HUP syslogd
Then wait until the next event, and examine /var/log/all.log, which will
contain timestamps.
Also, are you seeing any "watchdog timeout" events on em0 as well? If
so, please read the "Network devices" section of my Wiki regarding what
this problem could be (specific to certain models of Intel 82573 NIC):
http://wiki.freebsd.org/JeremyChadwick/Commonly_reported_issues
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-questions
mailing list