I have freshly installed from zero Debian 12 to enjoy it, just a bit higher ram usage than debian 11 but its fine.
Basically on Debian 11 I used rsyslog to create a custom logging rule that will redirect matched patterns to a file
"/etc/rsyslog.d# cat iptables.conf
:msg, contains, "Outgoing Connection Blocked: " /home/funtastic/iptables.log
& stop"
By using iptables I logged those blocked connection in that specific file.
Now that Debian 12 has switched to Journalctl, I would like instead of relying to Rsyslog, to use Journalctl for the same achievement.
I was reading the wiki but I am not able honestly. Right now those blocked connection are captured by kernel as displayed in # journalctl -e command
Any idea?
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Debian 12 switched to Journalctl insted of rsyslog
-
FuntasticDebianUser
- Posts: 10
- Joined: 2023-06-22 20:20
- Has thanked: 2 times
- Been thanked: 1 time
Re: Debian 12 switched to Journalctl insted of rsyslog
can't you just grep the journalctl? or use a timer or even cron to put the output into a separate file if that's really necessary?
You're pretty knew, I'm pretty confused insted?
viewtopic.php?t=155036&sid=fbc815df27da ... 9fe2eaa20d
You're pretty knew, I'm pretty confused insted?
viewtopic.php?t=155036&sid=fbc815df27da ... 9fe2eaa20d
About APT and packages
Unread post by FuntasticDebianUser » 2023-06-22 17:27
Hello,
I am pretty knew about debian, and I have some questions about packages and APT.
resigned by AI ChatGPT
-
FuntasticDebianUser
- Posts: 10
- Joined: 2023-06-22 20:20
- Has thanked: 2 times
- Been thanked: 1 time
Re: Debian 12 switched to Journalctl insted of rsyslog
bw123 wrote: ↑2023-06-23 21:23 can't you just grep the journalctl? or use a timer or even cron to put the output into a separate file if that's really necessary?
You're pretty knew, I'm pretty confused insted?
viewtopic.php?t=155036&sid=fbc815df27da ... 9fe2eaa20dAbout APT and packages
Unread post by FuntasticDebianUser » 2023-06-22 17:27
Hello,
I am pretty knew about debian, and I have some questions about packages and APT.
Yes I am pretty knew, I started using Debian a year ago and I am using it on server environment.
I know about grep and write in a file, I was wondering if there is a cleaner way to do this.
Re: Debian 12 switched to Journalctl insted of rsyslog
systemd journald doesn't provide for such options. If you care about logging, enable rsyslogd and make sure systemd logs there (ForwardToSyslog=yes in /etc/systemd/journald.conf).
Note that systemd/journal provides, by default, some rather absurd rate limiting defaults, so again, if you care about logging (e.g. if this is a server) then make sure RateLimitBurst=0 and RateLimitIntervalSec=0s.
Note that systemd/journal provides, by default, some rather absurd rate limiting defaults, so again, if you care about logging (e.g. if this is a server) then make sure RateLimitBurst=0 and RateLimitIntervalSec=0s.