From nobody Wed Aug 31 09:57:12 2022
X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MHfjT19Tmz4ZrsL
	for <freebsd-questions@mlmmj.nyi.freebsd.org>; Wed, 31 Aug 2022 09:57:17 +0000 (UTC)
	(envelope-from void@f-m.fm)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4MHfjS2brsz3yn9
	for <freebsd-questions@freebsd.org>; Wed, 31 Aug 2022 09:57:16 +0000 (UTC)
	(envelope-from void@f-m.fm)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
	by mailout.nyi.internal (Postfix) with ESMTP id EB8385C002F
	for <freebsd-questions@freebsd.org>; Wed, 31 Aug 2022 05:57:14 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
  by compute5.internal (MEProxy); Wed, 31 Aug 2022 05:57:14 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=f-m.fm; h=cc
	:content-type:date:date:from:from:in-reply-to:in-reply-to
	:message-id:mime-version:references:reply-to:sender:subject
	:subject:to:to; s=fm1; t=1661939834; x=1662026234; bh=Ae5+o6kkOw
	cezPtKGKw91U8THyqecYgyrcQfF71/Ioc=; b=Qm5Nc2u1TaR5lA9G/FQhtY782E
	Brka7IkXErnoc/yCFDsPtmk/vT2Gld+7GUtER3e42rgY8JLioKkd3ojZ0F55rojR
	nd/pr7i6qeIZp4+VI+D00erxOVauluAqkvx5WMXeCVNain+WIXmZL07Kqx78bIJA
	wF0RPkNh/5DnjIY06s8461rQx0UEOnsJh4dyba7Jp2rXOJZUsKQe83Kx5hUEKPFE
	QjIx++FsQRor8KxmlSmAH6fobZXhXnTbutklqnC6sPUz/3Lrr6E4NLXnitWlIG4u
	S9aH+XQlxXNtX7mQrAgHVVfuQ3QiIugLScpuInyK7RxjBvCzZjmprtct64yg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-type:date:date:feedback-id
	:feedback-id:from:from:in-reply-to:in-reply-to:message-id
	:mime-version:references:reply-to:sender:subject:subject:to:to
	:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
	fm1; t=1661939834; x=1662026234; bh=Ae5+o6kkOwcezPtKGKw91U8THyqe
	cYgyrcQfF71/Ioc=; b=C18Vq2Jp42qqOr6HRD5DO8b6uEPpSds7OPEelChoUwBV
	/UteUreFX1LNBv0qfiK/eEdOZm7A5Si4QqQUmXYHV+dPd1baKUhSq3Myu6T8LNe9
	xuk1YD3Tmf8L9wJ3DjFuxGP8U2B97jVs1LcDScMzGcagdgPTa0NU69kL42Ub1wfu
	aoQv+f8Hq6SBjkFBbeZLgKwRab68umrOYK0hT0nv6TCRzUaa7E1HURPHBNKYRd+R
	P9U3TTqsNhao2uTWuSjlvvY2DSw7k/letIVivDYoqE+E9+6evHqR7k+F/3NI+fh7
	SDEG+7z6evWOIk5uaaPGQ4/a+n6go9IQeqYWt+vJMw==
X-ME-Sender: <xms:ejAPYyuTK5IaIfJj_R1N4c0u17D7quFzEy2oWUJgDOUCmEos52YdnQ>
    <xme:ejAPY3dnYKA9XhlKKKylp2bCwlbs8Yuo93FsJc2fi9EMfjpggQv4IvLbKYiIPvsR0
    JxKa98Bd1GYZwkERQ>
X-ME-Received: <xmr:ejAPY9xPFXHiJYT2MtLWnBya0lIeyWEfV6M95hQULBXxYkOHiEK0VsoUDn6rSLpsTzZ3tWk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdekhedgvdefucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesthdtre
    dttddtvdenucfhrhhomhepvhhoihguuceovhhoihgusehfqdhmrdhfmheqnecuggftrfgr
    thhtvghrnhepkeeluddvlefhieelfefggffhffektdehleelgfdugfdvgeekjeejuddthe
    ehgfeunecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep
    vhhoihgusehfqdhmrdhfmh
X-ME-Proxy: <xmx:ejAPY9MUhvcuqlNbLDusC0ieshCE0Nb3nGjREq158vLJWxjCGPrLwA>
    <xmx:ejAPYy80lEPEWDEVFq97b-mr9kOXGuMGA503RtyRQRvysszS9UnGIw>
    <xmx:ejAPY1UON0s5P54cn1XJkt4SPSLH7cWwPBo90-s_PIgXclh0f8MGMg>
    <xmx:ejAPYzJyp9kbIjdN_wXMGL49Zh7t3YbYig-Z0KQEofz2c6KEgAVFyg>
Feedback-ID: i2541463c:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for
 <freebsd-questions@freebsd.org>; Wed, 31 Aug 2022 05:57:14 -0400 (EDT)
Date: Wed, 31 Aug 2022 10:57:12 +0100
From: void <void@f-m.fm>
To: freebsd-questions@freebsd.org
Subject: Re: turn on timestamps in kernel log messages?
Message-ID: <Yw8weIqzj/WPRcfX@void.f-m.fm>
Mail-Followup-To: freebsd-questions@freebsd.org
References: <YwuEu68m6kiRFNrc@void.f-m.fm>
 <20220828165715.fr3gvjk2esatukn5@shelly.nomadlogic.org>
 <YwuhtfGRIN1pNNZV@void.f-m.fm>
 <eef21030-3a98-4a25-902c-9f66143c84bf@langille.org>
 <Ywv+ZeOeFVVjWsqH@void.f-m.fm>
 <YwwCi2uvq+9TKsFQ@void.f-m.fm>
 <20220829040424.wdunjidqvprd76xn@shelly.nomadlogic.org>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
Sender: owner-freebsd-questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <20220829040424.wdunjidqvprd76xn@shelly.nomadlogic.org>
X-Rspamd-Queue-Id: 4MHfjS2brsz3yn9
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=f-m.fm header.s=fm1 header.b=Qm5Nc2u1;
	dkim=pass header.d=messagingengine.com header.s=fm1 header.b=C18Vq2Jp;
	dmarc=pass (policy=none) header.from=f-m.fm;
	spf=pass (mx1.freebsd.org: domain of void@f-m.fm designates 66.111.4.25 as permitted sender) smtp.mailfrom=void@f-m.fm
X-Spamd-Result: default: False [-4.03 / 15.00];
	SUBJECT_ENDS_QUESTION(1.00)[];
	DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim];
	NEURAL_HAM_SHORT(-1.00)[-0.996];
	NEURAL_HAM_LONG(-0.99)[-0.991];
	NEURAL_HAM_MEDIUM(-0.84)[-0.844];
	DMARC_POLICY_ALLOW(-0.50)[f-m.fm,none];
	R_DKIM_ALLOW(-0.20)[f-m.fm:s=fm1,messagingengine.com:s=fm1];
	R_SPF_ALLOW(-0.20)[+ip4:66.111.4.25];
	RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.25:from];
	MIME_GOOD(-0.10)[text/plain];
	RWL_MAILSPIKE_GOOD(-0.10)[66.111.4.25:from];
	ARC_NA(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
	RCPT_COUNT_ONE(0.00)[1];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	FROM_HAS_DN(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	FREEMAIL_ENVFROM(0.00)[f-m.fm];
	MIME_TRACE(0.00)[0:+];
	RCVD_COUNT_THREE(0.00)[4];
	TO_DN_NONE(0.00)[];
	FREEMAIL_FROM(0.00)[f-m.fm];
	ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US];
	MID_RHS_MATCH_FROMTLD(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	DKIM_TRACE(0.00)[f-m.fm:+,messagingengine.com:+];
	RCVD_TLS_LAST(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]
X-ThisMailContainsUnwantedMimeParts: N

On Mon, Aug 29, 2022 at 04:04:24AM +0000, Pete Wright wrote:

>might be worth adjusting your syslog.conf to capture all kern.*
>messages, then they'll land in /var/log/messages or somewhere similar
>and have human readable timestamps.  here's an example from my
>/var/log/messages file:
>
>Aug 26 15:50:30 topanga kernel: tun0: link state changed to Up

What I'm after is for the timestamps to appear in the periodic email
for kernel log messages. They *do* appear in /var/log/messages.

For example, /var/log/messages contains this

Aug 28 19:44:45 svr kernel: [2526502] tap3: link state changed to DOWN
Aug 28 19:51:09 svr kernel: [2526886] tap3: link state changed to UP
Aug 28 19:54:57 svr kernel: [2527114] tap3: link state changed to DOWN
Aug 28 19:55:07 svr kernel: [2527124] tap3: link state changed to UP
Aug 28 19:56:54 svr kernel: [2527231] tap3: link state changed to DOWN

The subsequent periodic daily email contains these entries

+[2526502] tap3: link state changed to DOWN
+[2526886] tap3: link state changed to UP
+[2527114] tap3: link state changed to DOWN
+[2527124] tap3: link state changed to UP
+[2527231] tap3: link state changed to DOWN
+[2527242] tap3: link state changed to UP

I'd like the email to contain the entries as they were in /var/log/messages.

It seems kind of odd that the timestamps are stripped out in the email for kernel 
messages yet they are intact in the same email for smtp relay failures and sshd 
bruteforcers. 

--