| Author |
|
chrishermann
Newbie
Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
|
| Posted: 17 June 2017 at 1:20pm | IP Logged
|
|
|
What does the event log file include the date in the filename? It just makes it more difficult to make use of the data. Why not just give is a static name and keep a rolling renamed log. It resets every time a new date is found anyway.
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 19 June 2017 at 2:42am | IP Logged
|
|
|
Hmm, looks like in v7 there were configuration options for adjusting filename patterns for both debug and event logs, now it's only there for debug logs. I've asked the developers to see if it's possible to make event log filename in v8 configurable as well.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
chrishermann
Newbie
Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
|
| Posted: 19 June 2017 at 2:03pm | IP Logged
|
|
|
Thanks Igor, but please note my comment on the timestamp in the other thread too. Not being able to use fail2ban because of the wrong timestamp is a complete showstopper which would make the filename issue mute anyway.
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 20 June 2017 at 2:28am | IP Logged
|
|
|
Well I'm not sure how it's wrong, it's simply universal. I'm wondering how would you prefer it to work - using timezone settings from default domain, or from specific domain?
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
chrishermann
Newbie
Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
|
| Posted: 20 June 2017 at 3:10am | IP Logged
|
|
|
If the timestamp does not match the system time - I would regard that as wrong. IIRC, users can specify their own timezone for emails in webmail, so I can see why you would want to use Zulu as a ref time, but perhaps the same code could be adapted to be displayed in the log files?
Since my original observation, I have noticed something else which I didn't pick up on at first, but the timestamp is just a timestamp - there is no date component. I am new to writing custom regex's for fail2ban and I have just today learned that they need to have a timestamp which includes a date (makes sense really as the date is needed for referencing when to unban).
The ideal scenario would be to have a user configurable format timestamp and timezone. That should keep everyone happy. Failing that, a {date: time} format which reflects the system time at the start of each entry would be quite acceptable. As an example, the SOGo timestamp is in the form mmm dd hh:mm:ss with the timezone set using a config file Entry (standard Unix style eg Europe/London etc)
FWIW, here is a failed logon entry from a SOGo log file for your ref.
Jun 20 09:57:16 sogod [1879]: SOGoRootPage Login from '192.168.1.12' for user 'testfaillog@domain' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0
I am not sure what the password policy, grace, expire or bound parameters are as I have not looked into that yet, but if you want to know I will go check. I think the [1879] is the PID of the triggering process, but not sure.
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 20 June 2017 at 3:25am | IP Logged
|
|
|
I've heard from the developers that LogFileName configuration option in v8, data/settings/config.json file, affects both the log files, debug and event one, it just prepends "event-" to the latter one.
And I see your point there, we will consider adjusting the logging feature so that server time is used rather than GMT.
Quote:
FWIW, here is a failed logon entry from a SOGo log file for your ref.
Jun 20 09:57:16 sogod [1879]: SOGoRootPage Login from '192.168.1.12' for user 'testfaillog@domain' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0
I am not sure what the password policy, grace, expire or bound parameters are as I have not looked into that yet, but if you want to know I will go check. I think the [1879] is the PID of the triggering process, but not sure. |
|
|
Not too sure how it's related to our product, can you please explain?
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
chrishermann
Newbie
Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
|
| Posted: 20 June 2017 at 12:41pm | IP Logged
|
|
|
Thanks Igor.
I appear at present to be the only one offering feedback on the beta :-(, I hope that
a) it is helpful (it is intended to be)
b) some others join in :-)
re the sogo log entry:
Not related at all, just passed it on for ref in case you were curious about a log structure which is known to work with fail2ban and were considering offering a similarly structured option (which would be nice (-:). The critical omission for getting fail2ban working AIUI is the lack of a date in the timestamp
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 21 June 2017 at 2:13am | IP Logged
|
|
|
We really appreciate your feedback, we will consider making logging more configurable. And well, this is a really new version of the product and we hope the community grows bigger with time; plus, we intend to release WebMail Pro soon.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
chrishermann
Newbie
Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
|
| Posted: 21 June 2017 at 4:41am | IP Logged
|
|
|
I tweaked the data/settings/config.json file to rename the log file without the date variable in the file name and it seems to be working just fine. Never thought to go there. I also changed the SiteName variable and that worked a treat too. I assume eventually those will be accessible from the admin pages as per earlier versions.
I really like ver8 and so far there have been no issues in terms of usage (though I am only doing tests using the internal network not using it live - so very low intensity). If/when I can get fail2ban running I will take it live. That is the only thing stopping me right now. I think you clearly have done a lot of testing before beta release because it seems really stable.
|
| Back to Top |
|
| |
marcele
Newbie
Joined: 15 March 2014
Location: Canada
Online Status: Offline
Posts: 21
|
| Posted: 20 February 2018 at 7:53am | IP Logged
|
|
|
Timestamp should use the default timezone that PHP is set to.
|
| Back to Top |
|
| |
MailBee.NET Objects 
MailBee.NET Queue 
MailBee Objects 
WebMail Pro PHP 
AfterLogic Aurora 
MailSuite Pro for Linux 
Unified Messaging Solution 
Search
Register
Login
Topic: event log
Privacy policy |
Refund policy