First, unless you are debugging a problem, there is no reason log debug
output (you’re basically logging every action RT does) - especially to
syslog since that’s causing a problem. Try using this:
Set($LogToSyslog, undef);
or Set($LogToSyslog, ‘emergency’);
Then choose the log level you want (perhaps you want debug) and log to
file: Set($LogToFile, …;
The above doesn’t completely turn off logging to syslog, but should
virtually eliminate it and thus eliminate your errors.
James Moseley
Richard Ellis
<Richard.Ellis@Su
n.COM> To
Sent by: James Moseley
Richard.Ellis@Sun <jmoseley@corp.xanadoo.com>
.COM cc
rt-users@lists.bestpractical.com
Subject
10/03/2007 07:54 Re: [rt-users] Syslog on Solaris 10
AM
Hi James,
Yep, I’ve configured it in RT_SiteConfig.pm
@LogToSyslogConf = ( socket => ‘inet’ ) unless (@LogToSyslogConf);
Set($LogDir, ‘/opt/rt3/var/log’);
Set($LogToFileNamed,“rt.log”);
Set($LogToSyslog, ‘debug’);
Set($LogToFile, ‘warning’);
which is the same settings we use on the old Solaris 9 box which has
worked for years. Because of the security changes, that just doesn’t
work on the Solaris 10 machine as the syslogd daemon isn’t running on
the default port (514) anymore. My choices are either change the way
messages are written to syslog by using a different method, or change
the target.
I’d prefer not to have to hack the core files about if I can avoid it.
Richard
James Moseley wrote:
I’d take a look at the following Log section of RT_Config.pm. Also, take
a
look at the Log::Dispatch::Syslog perl module documentation:
{{{ Logging
Logging. The default is to log anything except debugging
information to syslog. Check the Log::Dispatch POD for
information about how to get things by syslog, mail or anything
else, get debugging info in the log, etc.
It might generally make
sense to send error and higher by email to some administrator.
If you do this, be careful that this email isn’t sent to this RT
instance.
the minimum level error that will be logged to the specific device.
levels from lowest to highest:
debug info notice warning error critical alert emergency
Mail loops will generate a critical log message.
Set($LogToSyslog , ‘debug’);
Set($LogToScreen , ‘error’);
Set($LogToFile , undef);
Set($LogDir, ‘/opt/rt3.6.5/var/log’);
Set($LogToFileNamed , “rt.log”); #log to rt.log
If true generates stack traces to file log or screen
never generates traces to syslog
Set($LogStackTraces , 0);
On Solaris or UnixWare, set to ( socket => ‘inet’ ). Options here
override any other options RT passes to Log::Dispatch::Syslog.
Other interesting flags include facility and logopt. (See the
Log::Dispatch::Syslog documentation for more information.) (Maybe
ident too, if you have multiple RT installations.)
@LogToSyslogConf = () unless (@LogToSyslogConf);
James Moseley
Richard Ellis
<Richard.Ellis@Su
n.COM>
To
Sent by: rt-users@lists.bestpractical.com
rt-users-bounces@
cc
lists.bestpractic
al.com
Subject
[rt-users] Syslog on Solaris 10
10/03/2007 02:35
AM
Hi,
I am currently moving our RT instance from 3.4 on a Solaris 9 machine to
3.6 on a Solaris 10 machine and have run into a problem with the system
logging.
For security reasons, our IT guys turn off the default UDP port 514.
When I asked why, they gave me the following:
“Our builds all turn off the remote syslog port 514. It is generally
considered
a security risk. Some bad person could fill up your disk with bogus
messages. Local apps should use syslog(3c) or logger(1) to write
to syslog.”
Is there a way to convince RT to use logger or syslog(3c) or simply to
write all log output to its own log file instead? This is causing RT to
fail miserably.
Thanks
Richard
–
Richard Ellis
.Sun B2B Operations
Sun Microsystems x24727
http://sun.com
The rt-users Archives
Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com
Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
Richard Ellis
.Sun B2B Operations
Sun Microsystems x24727
