Analyzer OS X logs on XServ (ipfw, apache, system, security log, etc...)

Hi, there !
Is any professional application with GUI for analyze (and may be with built-in / plug-in option for automatic e-mail, system message administrator notification) for all Mac OS X logs.
I mean that I need powerful GUI mac os x based application (may be looks like Lithium5 or Server Admin) where I spend 10min to determine if any problem are and how it is dangerous. May be realised as log collector and analytics viewer + some graph creator, etc...
Any suggestions from professionals are welcome!
Thank You for Your help and time!

check out splunk. there's a free version, i believe.
http://www.splunk.com

Similar Messages

  • Can't log in as root via ssh, secure.log says it has expired

    Hi,
    I've followed the guides to enable the root account via Directory Utility but I can't log in via ssh. In secure.log I get:
    Apr 26 09:09:56 snowy sshd[1797]: in pamsmauthenticate(): Failed to determine Kerberos principal name.
    Apr 26 09:10:00 snowy sshd[1794]: error: PAM: user account has expired for root from <xxxx hostname removed for privacy> via 10.0.0.1
    I've tried enabling/disabling the root account, changing its password.. I've made sure the root account is enabled in sshd_config and that it has a valid shell in /etc/shells.
    If anyone can tell me how to fix this I'd be very grateful.
    Thanks,
    Mark

    Nevermind I figured it out, needed to enable ssh for 'Administrators' group in Sharing -> Remote access

  • Unable to log in to portal after system copy

    Good day
    I have copied my production portal system to a test system.  I am using an ECC Abap system as my user store.  The portal start successfully and I am able to access the Visual administrator.
    I am however unable to log on to the portal.  The error I get is "User authentication error".
    Below is an extract from the security log:
    #1.5#0011259C05FB0054000002F500001B9800043F56F6157AED#1195542635224#/System/Security/Authentication#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#Guest#0##sapsep.sap.lonmin_SEP_32623050#Guest#af93b280973711dc980a0011259c05fb#SAPEngine_Application_Thread[impl:3]_35##0#0#Error#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.FAILED
    User: N/A
    Authentication Stack: ticket
    Login Module                                                            Flag        Initialize  Login      Commit     Abort      Details
    com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false      false      true      
    com.sap.security.core.server.jaas.CreateTicketLoginModule               SUFFICIENT  ok          false      false      true      
    com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok          true       true       true      
    com.sap.security.core.server.jaas.CreateTicketLoginModule               REQUISITE   ok          true       exception  true       null#
    #1.5#0011259C05FB0054000002F700001B9800043F56F61580BC#1195542635240#/System/Security/Audit#sap.com/irj#com.sap.security.core.util.SecurityAudit#Guest#0##sapsep.sap.lonmin_SEP_32623050#Guest#af93b280973711dc980a0011259c05fb#SAPEngine_Application_Thread[impl:3]_35##0#0#Warning#1#com.sap.security.core.util.SecurityAudit#Plain###Guest     | LOGIN.ERROR     | null     |      | Login Method=[default], UserID=[oostw], IP Address=[172.27.2.137], Reason=[Access Denied.]#
    Please can someone assist.
    Thanks
    Wilhelm

    Hello!
    It looks like your system is configured for ticket authentication. As you did a system copy the SSO-ticket might not be working anymore. If this is the case you need fix the SSO or you need to re-configure your Portal (at least temporarily) to allow other authentication methods (like basic password authentication).
    You can configure the order of the authentication methods in VisualAdmin and set the 'levels' (Required/Sufficient/etc.) there as well.
    Hope this helps,
    Jörg

  • No Security Logging in Windows 2008R2

    HI All!!!
    My Company's Server 2008 R2 can not update the security log in the event viewer, after i clear the security log, it only has one information about the "Log clear" but still got nothing. I just Undo all the GPO setting but still no luck!! After that i go
    to
    Windows\System32\winevt\Logs  and discovered the security.evtx only has 64kb, another event log file is working fine except security log. Any one got this problem before?? or any suggestion about that! Thanks a lot!!!

    HI!!
    Thanks for your help!! i just add the NTFS Permmission
     Local Service and Network
    Service to the Logs Folder, but can not restart the eventlog service, becasue some programs was related with this service. I will try tonight, and let you know how's going after i restart! THANKS A LOT!!!!
    Johnson

  • How to direct commons-logging to jdev console instead of DefaultServer.log

    Hi,
    I have configured commons-logging in my adf 11g application. I added the following line to the commons-logging.properties file:
    org.apache.commons.logging.LogFactory=weblogic.logging.commons.LogFactoryImpl
    I have added the JDev11.1.1.1.0/modules/com.bea.core.weblogic.commons.logging_1.3.0.0.jar as library to my project. If in my weblogic server i set the correct logger settings for my classes i see al log messages in the DefaultServer.log file. How can i make these appear in the JDeveloper console instead?
    Kind Regards,
    Andre

    Hi,
    Found it out by myself so for everybody that wants to do the same.... In the weblogic console logging tab i needed to set the Severity level of Message Destination Standard Out to Debug. Since i now can see all logging in the JDev console i set the Message Destination Log File to warning so the log file does not get to big.
    Kind Regards,
    Andre

  • How come logging is so hard? - JDK1.4 Logging API

    Have a small project on hand. A standalone java program trigged by unix cron job and do some data cleaning. Need to implement a very simple logger. Tried to use JDK1.4 Logging API, here's my code:
    public class MyLogManager {
         public final static String NAME = "mylog";
         public final static String LOG_FILE_NAME = "C:/my.log";
         private static Logger logger;
         static {
              try {
                   logger = Logger.getLogger(NAME);
                   Handler fh = new FileHandler(LOG_FILE_NAME);
                   fh.setFormatter(new SimpleFormatter());
                   logger.addHandler(fh);
                   logger.setLevel(Level.ALL);
              } catch (Exception e) {
                   System.out.println("Unable to initialize logger: " + e.toString());
                   System.exit(1);
         public static Logger getLogger() {
              return logger;
    and use MyLogManager.getLogger().info("message") to log message.
    It works and my.log was generated with log message. However, the problem is everytime a new job (java myprogam ...) runs, it deletes the old log file and create a new one.
    I want the message to be appended by the end of old log file. What should I do? Any help?

    Use log4j (google for it - it's on http://jakarta.apache.org).
    If log4j.jar is in your classpath, the JDK 1.4 logging framework will use it automatically. Then all you have to do is to configure a log4j.properties file in your classpath to log wherever you want it to.
    And log4j is sorta-smart about multiple programs logging to the same file.

  • System-level logging

    Hi All,
    Is there a way to get a handle on what Flex is doing under
    the hood? When the WebService control is actually hitting a WS
    endpoint, for example... or what the SOAP envelope looks like. I am
    looking for system level logging... something like a -verbose or
    -debug flag in Apache Ant.
    Thanks,
    Rob

    Adobe Newsbot hopes that the following resources helps you.
    NewsBot is experimental and any feedback (reply to this post) on
    its utility will be appreciated:
    Flex 3 - Using WebService components:
    The Flex application in the following example calls a web
    service that queries a SQL database table called users and returns
    data to the Flex application,
    Link:
    http://livedocs.adobe.com/flex/3/html/data_access_3.html
    Webservice example:
    Jan 03, 2007 - Webservice example ... <mx:Panel
    title='WebService Example' height='75%' ... Flex Versions: 2.0.
    Category: General
    Link:
    http://www.cflex.net/showFileDetails.cfm?ObjectID=582
    Flex 3 - Automatically generating web service proxies:
    For each web service operation, Flex Builder generates a
    strongly typed ... You can call a web service operation directly,
    as the following example shows:
    Link:
    http://livedocs.adobe.com/flex/3/html/data_4.html
    Bruce Phillips' Blog: Using XML in Flex - Tutorial Part 4 -
    WebService:
    Bruce Phillips Flex and ColdFusion Tutorials: Using XML in
    Flex - Tutorial Part 4 - WebService.
    Link:
    http://www.brucephillips.name/blog/index.cfm/2006/10/22/Using-XML-in-Flex--Tutorial-Part-4 --WebService
    mx.rpc.soap.mxml.WebService (Flex 2 Language Reference):
    Simple example to demonstrate the WebService tag. -->
    <mx:Application xmlns:mx='
    http://www.adobe.com/2006/mxml'>
    <!-- Make sure the Flex Data Services
    Link:
    http://livedocs.adobe.com/flex/2/langref/mx/rpc/soap/mxml/WebService.html
    Disclaimer: This response is generated automatically by the
    Adobe NewsBot based on Adobe
    Community
    Engine.

  • Secure.log and log rotation problems

    I had originally posted this in the Tiger section, but now finding the Unix section which I think would be able to help me more. here is the link to the post: http://discussions.apple.com/thread.jspa?threadID=1913487&tstart=0
    Also I am getting this in my system.log, I have googled it and cannot find anything that tells me what it is:
    Feb 19 18:54:34 SamiMac kernel[0]: m378d97c0 0
    some help on this would also be appreciated.
    Message was edited by: a Mac user

    The secure.log message is explained at the bottom of Spurious Permission errors in OS X 10.4.
    For your ipfw logs, check that /etc/periodic/weekly/500.weekly contains the line
    for i in ftp.log lookupd.log lpr.log mail.log netinfo.log hwmond.log ipfw.log ppp.log secure.log; do
    (although I don't know why it wouldn't) and then check this is actually being run by looking at /var/log/weekly.out. Try
    tail -10 /var/log/weekly.out
    Let us know what you see.
    I haven't seen that kernel message before

  • Error message 'Please log on to the SAP system' when selecting 'shop'

    In SRM when we click on 'shop' or 'Goods Receipt' we get the error 'ITS System Information 'Please log on to the SAP System' where it prompts user to log on again. However when user logs on it opens up the same screen again saying please log on to the sap system.
    This only happens when we shop using the External ITS (wgate), EBP works fine using the Internal ITS.
    Please can someone help.
    Kindest Regards
    Paul

    Hi
    <b>Please try this -></b>
    <b>Look using SRM transaction SITSPMON and RZ20, RZ21.</b>
    Also Please check <u>SAP OSS Note 517860</u>
    <b>-> For ITS,  You need to maintain the RFC connection in the connection type "T" i.e TCP/IP. Maintain in the Table - TWPURLSVR.
    Ensure that you have maintained correct entries in the TWPURLSVR table using SM30 transaction for the ITS Web path (http or https address path). Note you are passing port - 8001 in the address here. Incase you face problems, Please ask you BASIS person to help you out.
    -> Please ask you BASIS person to help you out for maintaining ITS settings. (Ensure IACOR service is running properly - ITS server is running), through the transaction SMICM
    -> What all logs appear in SLG1 and SM21 transactions after publishing all the Internet services.
    -> If you are using ITS 6.2,you need to do the IACOR settings for SRM on the ITS server.Also in SE80 mainatin the Site for SRM system.After this ,you can publish all the ITS services usig the report,W3_PUBLISH SERVICES.</b>
    <u>Related links -></u>
    Integrated ITS :Login Problem
    Re: ITS_CANT_LOAD_INCLUDE in BBPstart service
    Re: ITS_DEST_NOT_FOUND
    Re: ITS Configuration
    Re: ITS Template not found
    Do let me know.
    Regards
    - Atul

  • System and security logs

    1. Login, Clear Logs and log off events in Windows 2003 when does this happen and what are the IDs for
    these events ?  what is the system login?
    2. In an event when administrator account and password are shared by more than one person, is it is possible
    to prove who cleared the security logs?
    3. If there is no keyboard monitoring is there a way to prove from which PC the delete came from?
    4.  Can a schedule a task be run in advance to delete the security logs at a later point of time in Window
    2003 using utilities like WMI, powershell etc?
    5. In Windows 2003 servers, Microsoft allows 2 remote connections and 1 console session also called session
    0. What is session 0 ans when is this launched?
    6.  Can security and the system logs on the  server be deleted remotely from any other server in
    windows 2003 if the account has admin rights? Please comment if firewall setting needs to be enabled in window 2003. 
    dhomya

    1.) If you enable auditing here are the events
    https://technet.microsoft.com/en-us/library/cc787567%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
    2.) Probably not unless you know who was at what console at what time.
    3/4.)
    http://blogs.msdn.com/b/ericfitz/archive/2007/08/10/help-someone-has-deleted-events-from-my-windows-event-log.aspx
    5.) http://support.microsoft.com/kb/278845
    6.) See 3/4
    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  • Unable to receive an email by task scheduler on audit failure in windows server 2008 r2 security log

    Deal All,
    I am sorry in advance if i would be on wrong forum, i have created a task on Server 2008 r2 Domain controller that when an audit failure event triggered in windows security log then an email should reach on my email ID, but unfortunately, nothing happen
    on audit failure.i receive no email from task scheduler.
    kindly suggest me to resolve the issue. I have created Email task on  event ID 4771.
    Thanks.
    Zeeshan Ibrahim Network Administrator

    Hi Zeeshan,
    I have found a hotfix against the same error messages, though it applies to Windows Vista and Windows Server 2008, I am not sure if it will work on your machine.
    Please refer to this KB article below:
    Duplicate triggers are generated incorrectly in scheduled tasks in Windows Vista or in Windows Server 2008
    http://support.microsoft.com/kb/2617046
    Please feel free to let us know if this hotfix couldn’t help you fix this issue.
    Best Regards,
    Amy Wang

  • Only one Server Audit can write to Security Log

    Hi,
    I have a problem when i want to enable a
    second audit server to security log...
    Permissions are right, the first Audit Server works fine but when i enable the second i have the 33204 error.
    (SQL Server Audit could not write to the security log.) its strange...
    I used Process Monitor tool from Sysinternals to debug the ACCESS on the Registry Key HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Security but there is not difference when i enable the first Audit Server or the second...
    I am not the only person who has this issue, i see that in other places...
    Can you help me?
    Thanks!
    Regads.

     Have you granted access to the new service account via secpol? This may be the root cause for this problem. For the detailed instructions please visit: 
    http://msdn.microsoft.com/en-us/library/cc645889.aspx.
    BTW. I would strongly recommend using secpol.msc to manage the local security policy instead of modifying the registry keys directly.
    Please let us know if this information helped
    -Raul Garcia.
    SQL Server Security
    This posting is provided "AS IS" with no warranties, and confers no rights.

  • I don't want to be logged into game center, but it automatically logs me in every time I log out. How do I stop that from happening?

    I am trying to disable my game center, but every time I log out of game center, it automatically logs me back in. How do I prevent this from happening?

    System Preferences - Mail, Contacts and Calendars - delete the Facebook account you see there, and/or add your own account.
    Matt

  • I have created my site with Muse and have uploaded to an external ftp hosting, now my secure log in will not work because I am not using BC. Is there a way to create a secure log in that will work with out being forced to use BC?

    I have created my site with Muse and have uploaded to an external ftp hosting, now my secure log in will not work because I am not using BC. Is there a way to create a secure log in that will work with out being forced to use BC?

    Hi
    Secure Zone login feature will only work if you host your website with Business catalyst.
    Please take a look to this as an alternative
    Password Protect Pages Widget for Adobe Muse
    Also, check this thread,
    Re: Can I create a login/password protection in Muse for a HTML5 page or two?

  • WBEMTEST doesn't give Security logs

    Hi,
    I did a WMI test and queried to see the security logs. Nothing found. I see only Application and System logs. No security logs were found.
    I used the below query.
    select * from win32_ntlogevent
    Thanks in advance.
    Rajiv,
    Technical Support Engineer.

    On Windows Server 10 TP, I don't see the same behavior you describe...
    Get-WmiObject -Query 'select * from win32_ntlogevent' | group -Property LogFile -NoElement
    Count Name                    
     1140 Security                
        1 System                  
       24 Windows PowerShell
    Hope this helps, Martin

Maybe you are looking for