Hello Bogdan,
AFAIK it is just restarting to facilitate the rolling of logfiles...
check out the manual page for the log file rotation setup in openBSD
man newsyslog
check out the config file for newsyslog.conf ...
cat /etc/newsyslog.conf
# $OpenBSD: newsyslog.conf,v 1.36 2016/12/27 09:17:52 jca Exp $
#
# configuration file for newsyslog
#
# logfile_name owner:group mode count size when flags
/var/cron/log root:wheel 600 3 10 * Z
/var/log/authlog root:wheel 640 7 * 168 Z
/var/log/daemon 640 5 300 * Z
/var/log/lpd-errs 640 7 10 * Z
/var/log/maillog 640 7 * 24 Z
/var/log/messages 644 5 300 * Z
/var/log/secure 600 7 * 168 Z
/var/log/wtmp 644 7 * $W6D4 B
/var/log/xferlog 640 7 250 * Z
/var/log/pflog 600 3 250 * ZB
"pkill -HUP -u root -U root -t - -x pflogd"
/var/www/logs/access.log 644 4 * $W0 Z "pkill
-USR1 -u root -U root -x httpd"
/var/www/logs/error.log 644 7 250 * Z "pkill
-USR1 -u root -U root -x httpd"
On Mon, 1 Oct 2018 at 02:45, Bogdan Kulbida <info@konstankino.com> wrote:
>
> Hi Everyone,
>
> I'm having hard time understanding what is going on with the syslogd
> on some of my servers. It restarts on a regular basis and that just
> looks suspicious to me. I'm using OpenBSD 6.3 (GENERIC.MP).
>
> Here is an output of the syslogd:
>
> Sep 26 07:00:01 <IP> syslogd: restart
> Sep 26 10:00:07 <IP> syslogd: dropped 9 messages during initialization
> Sep 26 10:00:07 <IP> syslogd: restart
> Sep 26 16:38:44 <IP> syslogd: dropped 5 messages during initialization
> Sep 26 16:38:44 <IP> syslogd: restart
> Sep 27 14:00:01 <IP> syslogd: dropped 9 messages during initialization
> Sep 27 14:00:01 <IP> syslogd: restart
> Sep 27 16:31:34 <IP> syslogd: dropped 5 messages during initialization
> Sep 27 16:31:34 <IP> syslogd: restart
> Sep 28 04:00:01 <IP> syslogd: dropped 9 messages during initialization
> Sep 28 04:00:01 <IP> syslogd: restart
> Sep 28 10:01:47 <IP> syslogd: dropped 9 messages during initialization
> Sep 28 10:01:47 <IP> syslogd: start
> Sep 28 11:25:54 <IP> syslogd: dropped 5 messages during initialization
> Sep 28 11:25:54 <IP> syslogd: restart
> Sep 28 16:24:24 <IP> syslogd: dropped 5 messages during initialization
> Sep 28 16:24:24 <IP> syslogd: restart
> Sep 28 17:00:02 <IP> syslogd: dropped 9 messages during initialization
> Sep 28 17:00:02 <IP> syslogd: restart
> Sep 28 19:00:01 <IP> syslogd: dropped 9 messages during initialization
> Sep 28 19:00:01 <IP> syslogd: restart
> Sep 28 23:22:18 <IP> syslogd: dropped 5 messages during initialization
> Sep 28 23:22:18 <IP> syslogd: restart
> Sep 29 10:00:01 <IP> syslogd: dropped 9 messages during initialization
> Sep 29 10:00:01 <IP> syslogd: restart
> Sep 29 16:17:14 <IP> syslogd: dropped 5 messages during initialization
> Sep 29 16:17:14 <IP> syslogd: restart
> Sep 29 19:00:01 <IP> syslogd: dropped 9 messages during initialization
> Sep 29 19:00:01 <IP> syslogd: restart
> Sep 30 10:11:52 <IP> syslogd: dropped 5 messages during initialization
> Sep 30 10:11:52 <IP> syslogd: restart
> Sep 30 16:10:05 <IP> syslogd: dropped 5 messages during initialization
> Sep 30 16:10:05 <IP> syslogd: restart
> Sep 30 17:00:02 <IP> syslogd: dropped 9 messages during initialization
> Sep 30 17:00:02 <IP> syslogd: restart
>
> Any ideas on how I can start investigate this issue? Also what would
> be your thinking on what is going on?
>
> Thank you a lot
>
> --
> ---
> Best regards,
> Bogdan
>
--
Kindest regards,
Tom Smyth
Mobile: +353 87 6193172
The information contained in this E-mail is intended only for the
confidential use of the named recipient. If the reader of this message
is not the intended recipient or the person responsible for
delivering it to the recipient, you are hereby notified that you have
received this communication in error and that any review,
dissemination or copying of this communication is strictly prohibited.
If you have received this in error, please notify the sender
immediately by telephone at the number above and erase the message
You are requested to carry out your own virus check before
opening any attachment.
No comments:
Post a Comment