Add journald support

Posted: 04 Nov 2022, 12:24
by marcele
Most new operating systems are switching to journald instead of syslog for logging, as it provides a much-needed unified interface for logging. It would be good if CSF could support this, similar to fail2ban.

fail2ban:
https://unix.stackexchange.com/question ... md-journal

A good tutorial on using journalctl:
https://www.2daygeek.com/journalctl-rea ... stem-logs/

Re: Add journald support

Posted: 08 Nov 2022, 07:36
by marcele
You should note that you wouldn't even have to change any regex as you can use the "short" output to match syslog:

Example:

View postfix logs:

journalctl --no-pager --quiet --unit='postfix' --since='2022-10-30 00:00:00' --until='2022-11-06 23:59:59' --output='short'
If you only want to view postfix smtp logs:

journalctl --no-pager --quiet --identifier='postfix/smtp' --since='2022-10-30 00:00:00' --until='2022-11-06 23:59:59' --output='short'
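
Added example (not part of the posts above and not CSF code): one syslog-style regex applied unchanged to lines from a classic syslog file and to `journalctl --output=short` lines, counting failed SASL logins per client IP. The regex, the function names and all sample lines are constructed for illustration; the journalctl flags are the ones shown in the post.

```python
import re
from collections import Counter

# Hypothetical syslog-style pattern of the kind a log watcher already uses.
# \s+\d{1,2} accepts both the space-padded day of classic syslog ("Nov  2")
# and the zero-padded day journalctl prints in short output ("Nov 02").
SASL_FAIL = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"postfix/smtpd\[\d+\]: warning: \S*\[(?P<ip>[0-9a-fA-F.:]+)\]: "
    r"SASL \w+ authentication failed"
)

def journalctl_argv(unit, since):
    """Argument list for the journalctl call from the post (same flags)."""
    return ["journalctl", "--no-pager", "--quiet", f"--unit={unit}",
            f"--since={since}", "--output=short"]

def failed_logins(lines):
    """Count SASL failures per client IP; non-matching lines are ignored,
    including '-- ... --' marker lines that journalctl can emit."""
    hits = Counter()
    for line in lines:
        m = SASL_FAIL.match(line.rstrip("\n"))
        if m:
            hits[m.group("ip")] += 1
    return hits

# Constructed sample lines (documentation IP ranges), not real log data.
SYSLOG_FILE = [
    "Nov  2 10:15:01 mail postfix/smtpd[1234]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6",
    "Nov  2 10:15:04 mail postfix/smtpd[1234]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6",
    "Nov  2 10:16:30 mail postfix/smtpd[1240]: connect from unknown[198.51.100.9]",
    "Nov  2 10:16:31 mail postfix/smtpd[1240]: warning: unknown[198.51.100.9]: SASL PLAIN authentication failed:",
]
JOURNAL_SHORT = [
    "-- Reboot --",
    "Nov 02 10:15:01 mail postfix/smtpd[1234]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6",
    "Nov 02 10:15:04 mail postfix/smtpd[1234]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6",
    "Nov 02 10:16:30 mail postfix/smtpd[1240]: connect from unknown[198.51.100.9]",
    "Nov 02 10:16:31 mail postfix/smtpd[1240]: warning: unknown[198.51.100.9]: SASL PLAIN authentication failed:",
]

if __name__ == "__main__":
    print(failed_logins(SYSLOG_FILE))
    print(failed_logins(JOURNAL_SHORT))
```

On a live host, the list returned by `journalctl_argv("postfix", "2022-10-30 00:00:00")` can be passed to `subprocess.run(..., capture_output=True, text=True)` and its `stdout.splitlines()` fed to `failed_logins`.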