cmkelley
Very Senior Member
I guess that's what I get for not looking at my logs very often. You are correct, thanks.
Scribe scribe - syslog-ng and logrotate installer
- Thread starter cmkelley
- Start date
cmkelley
Very Senior Member
The scribe log says scribe installed successfully, so that should be okay. @Jack Yaz this looks like an unexpected interaction between uiScribe and amtm? I'm up to my eyeballs in alligators for a while so I really don't have the bandwidth to test.I just tried to install scribe (via amtm) on my RT-AC86U, and said "yes" when prompted to install uiScribe. After the installation process, I'm back at the initial amtm screen, which includes both scribe and uiScribe, but the text at the bottom mentions a failure:
I've attached a copy of everything in PuTTY, from when I started to install scribe.
My thoughts:
1) Nothing appears to stand out as having failed, so maybe there is something wrong with the return codes or any post installation checks
2) If something has actually gone wrong, there is a distinct lack of information being displayed, because all I have are the words "scribe installation failed"
3) Leaning towards it just being an issue with the return/checks, because it's too "clean" to have been an unhandled error
4) And that it's just a minor bug, because if it was a handled exception, there would be far more information available
I'm just going by my technical experience and don't actually know for certain. I've currently left PuTTY at the "Enter option" (see last line of the attached scribe.txt) and will hold off on making any changes to router settings, in case anyone wants me to share logs or do any checks (which haven't been muddied by other actions)
/Edit: After this installation, the WebUI's System Log page has more content/options than it did previously. As far as I can tell, everything seems to be working as expected.
It's something @thelonelycoder strongly suggests, and the output you posted didn't show a label.
Diversion - the Router Ad-Blocker
Diversion - the Router Ad-Blocker
thelonelycoder
Part of the Furniture
Is that in relation to my post?
If so, I'm happy to uninstall scribe + uiScribe, labelling the USB and attempting the install again
While Diversion and with it Entware happily works with no label set to the USB-device, other apps that don’t use the /opt/ path may not. In fact they usually fail unless they have a built in correction such as the swap file entry and Skynet.
thelonelycoder
Part of the Furniture
If you installed Entware trough amtm, then you're fine, no need to set a device label. amtm uses the same fail proof method as Diversion to load the Entware file structure.I'm not that familiar with most of this and am trying to get my head around it all. Apologies in advance if what I say/ask is stupid.
- Are you guys just using Diversion as an example? You both mentioned it, but I don't actually have it installed.
- I have the following installed: scribe, nsrum, connmon, ntpMerlin, scMerlin, spdMerlin, uiScribe, Entware and 2GB swap file.
- The only error/issue I've seen is the "scribe installation failed" message when installing scribe, so do you guys think that it happened because a label wasn't set?
- Just to reiterate, the installation itself didn't fail (at least I don't think it did since everything seems to be working fine)... it was just the console message that was incorrect.
- Is setting a label something which is considered to be best practise, or is it being recommended as a potential workaround to issues that are elsewhere?
In this particular scenario, the installation was successful, but the script stated that it failed. If not having set a label was an issue, you would expect the installation to fail. Seems like something is incorrectly returning a failure, there is an issue with the installation success/failure checks, or something has actually failed. However you look at this, and even after considering other possibilities, there is still something wrong in the installation script.
I have no idea what the issue could be (at the end of the day it is effectively a cosmetic thing, so quite trivial) nor do I know how to even start trying to figure it out. More than happy to help with any testing etc though
And since scribe installs into Entware, there's no chance this could be path related due to a missing device label.
thelonelycoder
Part of the Furniture
This bit looks like the only statement that comes near to an error:I just tried to install scribe (via amtm) on my RT-AC86U, and said "yes" when prompted to install uiScribe. After the installation process, I'm back at the initial amtm screen, which includes both scribe and uiScribe, but the text at the bottom mentions a failure:
I've attached a copy of everything in PuTTY, from when I started to install scribe.
My thoughts:
1) Nothing appears to stand out as having failed, so maybe there is something wrong with the return codes or any post installation checks
2) If something has actually gone wrong, there is a distinct lack of information being displayed, because all I have are the words "scribe installation failed"
3) Leaning towards it just being an issue with the return/checks, because it's too "clean" to have been an unhandled error
4) And that it's just a minor bug, because if it was a handled exception, there would be far more information available
I'm just going by my technical experience and don't actually know for certain. I've currently left PuTTY at the "Enter option" (see last line of the attached scribe.txt) and will hold off on making any changes to router settings, in case anyone wants me to share logs or do any checks (which haven't been muddied by other actions)
/Edit: After this installation, the WebUI's System Log page has more content/options than it did previously. As far as I can tell, everything seems to be working as expected.
Code:
Added missing swap file entry to
/jffs/scripts/post-mountSince I cannot change the logic of that code because of reasons an elaborate check is built in for a swap file or swap partition to change the path should the path to the USB-device change.
In that case, it would be better to have a label set, as mentioned in the earlier post of mine.
I don't think you are out of the woods yet. That message isn't generated by scribe--it is, I think, generated by the scribe.mod file that is part of amtm. It is checking to see if the logrotate daily chron job exists, and you most definitely need that. In a terminal run
Code:
cru lI would start over, set a label, and reinstall.
cmkelley
Very Senior Member
The last thing the scribe install routine does is run a status, which checks the output of 'cru l' for the presence of the cron job. According to the text file @hshah attached, it was there and everything else was correct. scribe should have exited with "exit 0". I haven't explicitly tried installing without a disk label, but I don't see why scribe wouldn't like it. The only time scribe explicitly looks for the drive name is to redact it when creating a debug file, which is not part of the install routine.
I didn't find his error message in scribe itself. I found it in scribe.mod, which is part of amtm, isn't it? It doesn't check "cru l", but checks to see if post-mount has the line in it. So scribe might exit with code zero, but amtm might then do another check that failed.
cmkelley
Very Senior Member
Right, it is an error message from amtm. I check both the output of 'cru l' and for the cru line in post-mount in scribe's status check. I'm confident his scribe is installed correctly, I'm not sure where the error message is coming from.
I'll put this out in case it helps someone. I recently had a runaway pixelserv.log. For reasons unclear to me, an Android phone in the house started calling two blocked fingerprinting sites repeatedly. As in hundreds of times a second. Because I have pixelserv on level 2 logging, my pixelserv.log was growing tens of megabytes an hour, which brought the webgui display to its knees. That isn't the sort of thing logrotate could handle, even if the logs were useful. So I added a filter and discard log statement like so:
The first log statement discards any message that includes the noisy sites; the second one is the one we usually use.
My first effort was to create a text file with the sites I wanted to discard, and use the in-file filter function, as the filter was going to be unwieldy with multiple "or" statements. But that doesn't allow for substrings, so it wasn't going to work. Still thinking about alternatives.
Code:
# log all pixelserv-tls logs to /opt/var/log/pixelserv.log and stop processing pixelserv-tls logs
# drop certain logged messages if they contain words in a file
destination d_pixelserv {
file("/opt/var/log/pixelserv.log");
};
filter f_pixelserv {
program("pixelserv-tls");
};
filter f_pixelserv_do_not_log {
message("api.permutive.com"); or
message("cdn.permutive.com"); or
message("reports.crashlytics.com");
};
log {source(src);
filter(f_pixelserv);
filter(f_pixelserv_do_not_log);
flags(final);
};
log {
source(src);
filter(f_pixelserv);
destination(d_pixelserv);
flags(final);
};
#eofMy first effort was to create a text file with the sites I wanted to discard, and use the in-file filter function, as the filter was going to be unwieldy with multiple "or" statements. But that doesn't allow for substrings, so it wasn't going to work. Still thinking about alternatives.
HardCat
Regular Contributor
Thanks for this! On my network apple devices are the noisiest mostly to the "reports.crashlytics.com" I am going to give this a go.
cmkelley
Very Senior Member
Okay, 2.4.3 is up. Please update Entware first, syslog-ng has been update to 3.27.
Just minor stuff that's been accumulating:
Just minor stuff that's been accumulating:
- scribe itself has only cosmetic changes, no changes in functionality
- Filters (w/logrotate files) for Netdata, roaming assistant and Suricata added; h/t to @ttgapers for Netdata and Suricata filters / logrotate files
- Removed /dev/null from the blankmsg filter, completely pointless to write to /dev/null, just don't write it at all
- Missed a pair of parenthesis in the wlceventd filter; h/t @Ayitaka
- Additional comments in A00remote, including sending messages by tcp instead of udp
- Capture ntpMerlin messages in the ntpd log
- Updated README.1st to reflect above
- Editorial changes to the default syslog-ng.conf file
If you've added the suricata file to syslog-ng.d, just rerun uiScribe and reset the webgui, then delete again the ones you don't want to show.
I got a kick out of some of the git commit comments, like "reverse for a reason".
skeal
Part of the Furniture
Anyone feel like helping me filter "hostapd" and "cake-qos" messages please? I've been trying and uninstalling scribe to get things working again as I keep failing. I create empty logs and nothing gets filtered. I've looked at the examples but seriously I'm drawing blanks now. Please anyone?
Give me a few and I can do Cake...I'll see if I can get it over before the next publish...
Or share what you built...might just need a tweak or two. One key thing with the config files for both logrotate and syslog-ng is perms....0600 - else if never reads the config.
cmkelley
Very Senior Member
It depends on how snarky I'm feeling at the moment - I actually just looked at the commit history, and I have zero idea anymore why I did that. There's a reason my nick on github is cynicastic. Cynical and Sarcastic. Honestly if I could change my nick here without losing my history, I would, but oh well.
Similar threads
Similar threads
Similar threads
-
Scribe Strange Issue with Scribe / Syslog-NG after Reboot
- Started by ScottW
- Replies: 7
-
Scribe Scribe nvram log_path - what should it be?
- Started by vibroverbus
- Replies: 4
-
Scribe Issues with scribe.... Errors all over the place after restarting scribe!
- Started by SomeWhereOverTheRainBow
- Replies: 8
-
Scribe [SOLVED] syslog-ng intermittent failure to shutdown which messes all logging
- Started by Tarek Yag
- Replies: 15
-
AdGuardHome There are tons of dnsproxy error messages occuring on syslog.
- Started by jklim
- Replies: 2
-
Updated scMerlin to 2.5.5 - syslog stops at 'syslogd exiting'
- Started by thecheapseats
- Replies: 9