Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: NTP Server Logs

  1. #11
    Join Date
    Nov 2012
    Beans
    8

    Re: NTP Server Logs

    i deleted the lines added to ntp.conf once i got your answer (iptables)

    however the problem is still the same :

    i can see the entries about the firewall rule in syslog but there is no indication about what have been done in NTP, the synchronization is it ok ? any error ? difference between the 2 clocks ....

  2. #12
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,345
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: NTP Server Logs

    ntpd never logs things like that. You can look at the client to see if the client successfully synchronized with the server. Why would think it is not working? I've used ntpd for years, and it is very reliable. It is pretty much a "set-it-and-forget-it" type of daemon.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  3. #13
    Join Date
    Nov 2012
    Beans
    8

    Re: NTP Server Logs

    Ok thanks

    we have a lot of DMZs, lot of PCs, Servers, we wanted to have a single log file to search for anomalies in NTP protocol

    i agree that in general it's a "set-it-and-forget-it" but sometimes there is some equipements with the wrong date that cannot synchronize their clock (example bios pb, ...), there is also some equipements that cannot synchronize their clock if the difference betwenn the 2 clocks is big even if they have the correct date.

    so it's about a centralized view for troubleshooting.

    Thanks

  4. #14
    Join Date
    Sep 2006
    Beans
    7,815
    Distro
    Lubuntu Development Release

    rsyslogd

    If you want centralized logging, you can have the clients running ntpd forward part of their syslog activity to a central server. Take a look at the manual page for rsyslogd and for rsyslog.conf and look for the material on remote forwarding. Unfortunately there does not seem to be an obvious way to have ntpd log to a customized log facility (e.g. local0). That would make it easier to sort. The package logwatch on the central log server might help.

  5. #15
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,345
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: NTP Server Logs

    I looked at the source code for ntpd. It looks like you could alter the file [ntp-source-root]/lib/isc/log.c to change the name of facility being used. I'm not a C programmer, but if you have any around, ask them to take a look at the source.

    Current release version: http://www.eecis.udel.edu/~ntp/ntp_s...4.2.6p5.tar.gz
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  6. #16
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,023
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: rsyslogd

    Quote Originally Posted by Lars Noodén View Post
    Unfortunately there does not seem to be an obvious way to have ntpd log to a customized log facility (e.g. local0). That would make it easier to sort.
    rsyslog has a pretty advanced filtering mechanism (host, originating program, specific strings occuring in the log message, ...) so it's probably doable to filter out 'ntp' log entries and direct them to a dedicated log

  7. #17
    Join Date
    Sep 2006
    Beans
    7,815
    Distro
    Lubuntu Development Release

    Re: rsyslogd

    Quote Originally Posted by koenn View Post
    rsyslog has a pretty advanced filtering mechanism (host, originating program, specific strings occuring in the log message, ...) so it's probably doable to filter out 'ntp' log entries and direct them to a dedicated log
    The manual page for rsyslog.conf doesn't give much help with examples or clarification. There is the online documentation for rsyslogd but it could also be made more clear. I guess the place to start would be here:

    http://www.rsyslog.com/doc/property_replacer.html

  8. #18
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,023
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: rsyslogd

    Quote Originally Posted by Lars Noodén View Post
    The manual page for rsyslog.conf doesn't give much help with examples or clarification. There is the online documentation for rsyslogd but it could also be made more clear.
    True, and sometimes it's even more confusing when the documentation describes features that are not yet available in the version ubuntu or debian are using.

    FWIW, I wrote down some reminders when i first tackled (centralized) ligging with rsyslog : http://users.telenet.be/mydotcom/howto/linux/syslogserver.html

  9. #19
    Join Date
    May 2014
    Beans
    1

    Re: NTP Server Logs

    Quote Originally Posted by hiboujid View Post
    i deleted the lines added to ntp.conf once i got your answer (iptables)

    however the problem is still the same :

    i can see the entries about the firewall rule in syslog but there is no indication about what have been done in NTP, the synchronization is it ok ? any error ? difference between the 2 clocks ....




    Ahhhhhh .....hiboujid ntp traffic is UDP traffic, you don't have too much to see there.

    You need to check this information from the client, try 'ntpq -p', 'ntptrace' commands or see the log file of client.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •