/var/log/syslog and /var/log/daemon.log getting very big

To: debian-user@lists.debian.org
Subject: /var/log/syslog and /var/log/daemon.log getting very big
From: Shri Shrikumar <shri@urbyte.com>
Date: Mon, 19 Apr 2004 02:05:01 +0100
Message-id: <[🔎] 408325BD.6080505@urbyte.com>

Hi List,

I just experienced a pseudo denial of service issue. A server of oursruns woody and bind seems to have filled syslog and daemon.log withabout 1.3g worth of messages along the lines of

Apr 18 18:25:38 server named[241]: sysquery: no addrs found for root NS(A.ROOT-SERVERS.NET)Apr 18 18:25:38 server named[241]: sysquery: no addrs found for root NS(B.ROOT-SERVERS.NET)Apr 18 18:25:38 server named[241]: sysquery: no addrs found for root NS(C.ROOT-SERVERS.NET)

This in itself was not much of issue except that logcheck started to eatup all the memory and the kernel starts to kill processes.

What I have done is to recreate syslog and daemon.log with the abovelines stripped out with grep and restarted the the logging daemons.However, I would like to know how to prevent something like this fromhappening in the future.


Any help / pointers in this matter will be appreciated.

Thanks and best wishes,

Shri


--
------------------------------------------------------------------------
Shri Shrikumar       U R Byte Solutions           Tel:   0845 644 4745
I.T. Consultant	     Edinburgh, Scotland          Mob:   0773 980 3499
                     Web: www.urbyte.com          Email: shri@urbyte.com

Reply to:

Prev by Date: Mozilla Thunderbird questions
Next by Date: syslog filling up with "no addrs found for root NS"
Previous by thread: Re: Mozilla Thunderbird questions [partly solved]
Next by thread: syslog filling up with "no addrs found for root NS"
Index(es):
- Date
- Thread