On 12/19/2016 12:32 PM, Carlos E. R. wrote:
On 2016-12-19 18:24, Anton Aylward wrote:
That's just login sessions of different types. I don't remember where these where kept before.
In at least three different files, perhaps five or more depending on the mode of access.
if you really want to be paranoid, you can forget about the indexoing that journalctl can do and simple grep
journalctl |grep login | more
Takes minutes with rotating rust.
Minutes to do what? On my rotating rust I get output immediately. Yes, if you want to wait for the very end and you are one of the people who have a gazillion of gigabytes of log files, but that reasoning applies too if you want to get every login from every individual source (since this covers in my case dovecot access, smptd/postfix access, Xlog and more, it ends up being about 10 different files). Rotating rust of syslog files isn't going to be any faster. You're clutching at straws here, Carlos.
No correlation unless you have a database viewer and analysis tool.
Ah, tools!
Well, for a start, journalctl does index.
What does that mean? Examples, please.
I gave some examples, perhaps you didn't notice. Something like journalctl _COMM=sshd vs journalctl | grep ssh
Nonono. I want ready made user end tools. I do not want to learn programming awk now or have to write my own tools.
That's fine. Go off and use Windows then, accept someone elses' idea of how the UI should look, what data you're allowed to display and how to see it and what you can do with it and more to the point what it won't permit you to do with it. You really shouldn't be using Linux if that's your attitude.
You've been around long enough, Carlos, to know and have done this sort of thing. What's this, some anti-systemd feeling?
No, not at all.
Well, that's how its coming across.
But then, logs may be as difficult to analyze as they currently are in Windows.
This isn't Windows. <obscentity> Windows. part of the nature of Windows is to make you buy some third party tool to do things that with UNIX/Linux can be done with a few lies of scripting.
The journal thing in Linux is getting closer to what Windows does with logs. That's my fear. I'm unable to find events in Windows system log, that I know they are there.
There are forms of anti-systemd manifestation. A reluctance to learn how to manage the new facilities is one of them. This is all new to e as well, but I'm willing to accept it, not fight it, to experiment and learn. I figure that Lennart Poettering is smarter than me. What I understand makes sense and what I understand allows me to, slowly, learn more. UNIX, Linux has always had for me a joy in learning and a WOW! factor and a 'hey, that's neat!" aspect. I've never had that with Windows (which was always A source of frustration) or even VMS (and yes even when I used the RATFOR Software Tools). -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org