Date: Tue, 28 Oct 2008 09:32:36 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Jos Chrispijn <kernel@webrz.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Security | Kernel message Message-ID: <20081028163236.GC53758@icarus.home.lan> In-Reply-To: <49073D1B.2090701@webrz.net> References: <49073D1B.2090701@webrz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 28, 2008 at 05:26:03PM +0100, Jos Chrispijn wrote: > A prt of my daily security run: > > triton.xxx.xxx.xxx kernel log messages: > +++ /tmp/security.VnqB8ZT6 2008-10-27 23:53:32.000000000 +0100 > +em0: link state changed to DOWN > +em0: link state changed to UP > +em0: link state changed to DOWN > +em0: link state changed to UP > +em0: link state changed to DOWN > +em0: link state changed to UP > > Is there a way of adding the time on every DOWN and UP line? No, because the messages are in the kernel log. The kernel itself does not print timestamps, because that's silly. Try doing this: 1) Edit /etc/syslog.conf and enable /var/log/all.log, 2) touch /var/log/all.log 3) chown root:wheel /var/log/all.log 4) chmod 600 /var/log/all.log 5) killall -HUP syslogd Then wait until the next event, and examine /var/log/all.log, which will contain timestamps. Also, are you seeing any "watchdog timeout" events on em0 as well? If so, please read the "Network devices" section of my Wiki regarding what this problem could be (specific to certain models of Intel 82573 NIC): http://wiki.freebsd.org/JeremyChadwick/Commonly_reported_issues -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081028163236.GC53758>