Core Logs References¶
- radius.log
This log contains all the information related to user authentications. For example, the results of authentications and authorizations.
Path /var/log/radius/radius.log
A monitor log, monitor is the openNAC user
Tue Jul 9 11:14:01 2019 : Auth: Login incorrect (No such user (0xc0000064)): [monitor] (from client localhost port 0)
Tue Jul 9 11:14:01 2019 : Info: rlm_opennac[callAPI]: source[USER] url[http://127.0.0.1/api/poleval/userid/monitor/switch/127.0.0.1/port/0/mac//portid/0/status/reject/statusmsg/No%20such%20user%20%280xc0000064%29/timestamp/1562663641752/source_module/radius/apiv/1.2.0] exec time[0.105264s]
Tue Jul 9 11:06:02 2019 : Info: rlm_opennac: Returned info vlan[353] acl[(null)] auth-Type[MAB]
Tue Jul 9 11:10:45 2019 : Auth: Login OK: [107b44b766b3] (from client demo-madrid port 50011 cli 107B44B766B3)
Tue Jul 9 11:10:46 2019 : Info: rlm_opennac[callAPI]: source[MAB] url[http://127.0.0.1/api/poleval/switch/10.10.37.5/port/50011/mac/107B44B766B3/portid/FastEthernet0%5C%5C11/switchmac/70105C79618B/timestamp/1562663445906/source_module/radius/apiv/1.2.0] exec time[0.189115s]
- gearmand.log
This log contains all the information related to gearman’s service operation. Most of the information needed for debugging day to day operations can be found using:
gearadmin --status
Path /var/log/gearmand.log
- mysqld.log
This log contains all the information related to mysql’s service operation. For example, replication files could not be found, or if there is not enough memory available for the service to start or work properly. (this information can be found in the following file /etc/my.cnf ).
Path /var/log/mysql/mysqld.log
200305 12:48:26 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
200305 12:48:26 InnoDB: Initializing buffer pool, size = 2.0G
- opennac-admonportal.log
This log contains information related to the Administration Portal’s application.
Path /var/log/opennac/opennac-admonportal.log
Feb 14 10:30:54 LAB0oncore opennac-admonportal[24554]: indexAction id=Common_Query::__set_state(array(#012 'filter' => NULL,#012 'order' => NULL,#012 'offset' => NULL,#012 'limit' => NULL,#012 'count' => false,#012 'groupBy' => NULL,#012 'file' => false,#012))
Feb 14 10:30:54 LAB0oncore opennac-admonportal[24554]: apiCallfromAdmonportal call=GET http://localhost/api/statusinfrastructure?file=0
- opennac-agent-audit.log
This log contains all the information that opennac receives from the opennac Agent. This log will also contain more detailed information if opennac is in debug mode.
Path /var/log/opennac/opennac-agent-audit.log
Feb 10 11:02:19 LAB0oncore opennac-user-agent[14155]: UserAgent [Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15] OS [Mac OS X 10.15.1] Browser [Safari 13.0.3] Device []
Feb 10 11:29:59 LAB0oncore opennac-user-agent[22670]: UserAgent Error [Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)] OS [Other] Browser [Other] Device []
- opennac-analytics.log
This log contains the information related to the devices. This is stored as a json. This log is fed to the analytics.
Path /var/log/opennac/opennac-analytics.log
2019-06-03T16:18:42.388124+02:00 localhost opennac-poc-sensor[22861]: {"module":"poleval","uri":"1f4c32ee-716c-11e9-8066-6f6e636f7265","ip":"10.10.18.84","rule":"SNMP Access Allow","userid":"","netdev":"10.10.37.5","netdevport":"05","netdevmac":"00:1C:0E:97:39:81","hostname":"ALVARO-LAPTOP","source":"SNMP","fullsource":"","ssid":"","businessProfiles":[],"mac":"10:7B:44:B7:66:B3","status":2,"statustxt":"LOGOUT","statusmsg":"","trackidevent":"7d576770-860a-11e9-8170-6f6e636f7265","trackid":"c66b0d56-8608-11e9-9f18-6f6e636f7265","sessionid":"10:7B:44:B7:66:B3","tags_on":["BDA_JVC_HA-S20BT","CDT_BAREMETAL","DFP_DESKTOP","DOS_WINDOWS_10","EPT_DESKTOP","IAI_7-ZIP_19.00_X64_EDITION_19.00.00.0","IAI_BACKUP_AND_SYNC_FROM_GOOGLE_3.43.4275.9540","IAI_CITRIX_RECEIVER_14.12.0.18020","IAI_CONTROLADOR_DE_GRFICOS_INTEL_21.20.16.4550","IAI_FORK_-_A_FAST_AND_FRIENDLY_GIT_CLIENT_1.31.1","IAI_GLOBALPROTECT_3.0.3","IAI_GOOGLE_CHROME_74.0.3729.157","IAI_KB2565063","IAI_KB4470502","IAI_KB4470788","IAI_KB4480056","IAI_KB4480979","IAI_KB4489907","IAI_KB4493478","IAI_KB4493510","IAI_KB4495590","IAI_KB4495667","IAI_KB4497932","IAI_KB4499728","IAI_KEEPASSXC_2.3.4","IAI_MICROSOFT_OFFICE_365_BUSINESS_-_ES-ES_16.0.11601.20178","IAI_MICROSOFT_VISUAL_C_2005_REDISTRIBUTABLE_8.0.56336","IAI_MICROSOFT_VISUAL_C_2005_REDISTRIBUTABLE_X64_8.0.56336","IAI_MICROSOFT_VISUAL_C_2008_REDISTRIBUTABLE_-_X64_.17_9.0.30729","IAI_MICROSOFT_VISUAL_C_2008_REDISTRIBUTABLE_-_X86_.17_9.0.30729","IAI_MICROSOFT_VISUAL_C_2010_X64_REDISTRIBUTABLE_-_10.0.40219","IAI_MICROSOFT_VISUAL_C_2010_X86_REDISTRIBUTABLE_-_10.0.40219","IAI_MICROSOFT_VISUAL_C_2012_REDISTRIBUTABLE_X64_-_11.0.61030.0","IAI_MICROSOFT_VISUAL_C_2012_REDISTRIBUTABLE_X86_-_11.0.61030.0","IAI_MICROSOFT_VISUAL_C_2013_REDISTRIBUTABLE_X64_-_12.0.30501.0","IAI_MICROSOFT_VISUAL_C_2013_REDISTRIBUTABLE_X86_-_12.0.30501.0","IAI_MICROSOFT_VISUAL_C_2017_REDISTRIBUTABLE_X64_-_14.12.25810.0","IAI_MICROSOFT_VISUAL_C_2017_REDISTRIBUTABLE_X86_-_14.12.25810.0","IAI_MOBAXTERM_11.1.0.3860","IAI_MOZILLA_FIREFOX_X64_ES-ES_66.0.5","IAI_MOZILLA_MAINTENANCE_SERVICE_66.0.5","IAI_NOTEPAD_32-BIT_X86_7.6.6","IAI_NVIDIA_CONTROLADOR_DE_GRFICOS_419.35","IAI_NVIDIA_SOFTWARE_DEL_SISTEMA_PHYSX_9.19.0218","IAI_OPENVPN_2.4.7.I603","IAI_ORACLE_VM_VIRTUALBOX_6.0.6","IAI_OWNCLOUD_2.5.4.11415","IAI_QBITTORRENT_4.1.5","IAI_REALTEK_HIGH_DEFINITION_AUDIO_DRIVER_6.0.1.8254","IAI_SPOTIFY_1.1.6.113.GB388FE17","IAI_TAP-WINDOWS_9.21.2","IAI_VLC_MEDIA_PLAYER_3.0.6","IAI_ZOOM_4.3.46560","ISS_AS_ENABLED","ISS_AS_STATUS","ISS_AS_UPDATE","ISS_AV_ENABLED","ISS_AV_STATUS","ISS_AV_UPDATE","ISS_FW_ENABLED","ISS_FW_STATUS","ISS_FW_UPDATE","MAC_107B44","MAC_646E69","NCS_BITLOCKER","ONC_AGENT","ONC_ARCH_X64","ONC_AUTOLEARNED","ONC_WIN_AGENT","RDI_WINDOWS_10_1809","ROS_WINDOWS","VOS_WINDOWS_10_HOME","WCS_IMDEA_SOFTWARE_GUESTS","WSA_DIRECT-DFDESKTOP-LAURENTMSEV","WSA_EDUROAM","WSA_EIT-DIGITAL_GUESTS","WSA_IMDEA_SOFTWARE_2.4","WSA_IMDEA_SOFTWARE_GUESTS","WSA_OPENNAC-CORP"]}
- opennac-api.log
This log contains information related to the requests made against the API. For example, policy evaluations, object creation, etc. Everything that is done in the application is done through the API.
Path /var/log/opennac/opennac-api.log
Mar 3 10:09:54 LAB0oncore opennac-api[24060]: 2020-03-03 10:09:54 INFO: [9373] {"action":"Login user","result":"user logged","input":{"username":"admin"},"method":"AuthController::postAction"}
Mar 3 11:19:14 LAB0oncore opennac-api[24058]: 2020-03-03 11:19:14 ERR: [f1f6] {"action":"error","reason":"Event [MACDISCOVER] ip [10.10.36.176] not defined in our NETWORKS range, add a new NETWORK GW if ip is valid","method":"Application_Model_Onnac::validEval"}
- opennac-api-doc.log
Opennac has a web interface which contains the documentation related to opennac’s API. This is a REST API. This service is mostly used by a client to automate tasks and can be found at “<opennac_ip>/api-doc”. This log contains detailed information related to the api calls done.
Path /var/log/opennac/opennac-api-doc.log
Mar 10 09:14:47 LAB0oncore opennac-api-doc[14796]: apiCallfromAdmonportal call=POST http://localhost/api/auth
Mar 10 09:14:47 LAB0oncore opennac-api-doc[14796]: {"username":"admin","password":"*******","useOnlyLocalRepo":true}
Mar 10 09:14:47 LAB0oncore opennac-api-doc[14796]: Setting session language to 'en'
- opennac-audit.log
This log contains information related to the changes/actions performed by a user through opennac’s administration portal.
Path /var/log/opennac/opennac-audit.log
Feb 14 10:57:39 LAB0oncore opennac-audit[20244]: USER=admin;USER_IP=127.0.0.1;OPERATION=UPDATE;TABLE=DEVICEUSER;ITEMID=6787327386510692356;ITEM={"MACADDRESS":"00:0E:C6:C0:AE:2E","IP":"","MACAUTH":"0","OWNER":"user1","VENDOR":"","MODEL":"","VERSION":"","DEVICE_TYPE":"","LAST_SEEN":"0000-00-00 00:00:00","COMMENT":"MAC autolearned by net device [10.240.5.10] port [50001] from policy rule [] 20200129 12:36:44","MODIFIED":"2020-02-14 10:57:39","MODIFIED_BY":"admin"}
Feb 14 10:57:39 LAB0oncore opennac-audit[20244]: USER=admin;USER_IP=127.0.0.1;OPERATION=FINISH_TRANSACTION
- opennac-backup.log
This log contains information related to the results obtained when generating backups from opennac.
Path /var/log/opennac/opennac-backup.log
20200301_232601 - Exporting database (/var/log/opennac/backup/opennac-db-backup-v1.2.1-0.9479.el6.noarch-20200301_232601.sql)...
20200301_232601 - Packing all files (/backup/opennac-LAB0oncore-
20200301_232601 - Checking tar file (/backup/opennac-LAB0oncore-
20200301_232601 - Removing old backup file (/backup/opennac-LAB0oncore-
- opennac-captive.log
This log contains information related to the captive portal.
Path /var/log/opennac/opennac-captive.log
Mar 10 09:42:01 onLAB opennac-captive[10570]: Common_Model_RestClient call to GET http://localhost:80/api/status successful
Mar 10 09:43:01 onLAB opennac-captive[14797]: REST call: http://localhost/api/status
- opennac-captive-analytics.log
This log contains information related to the captive portal that will be then fed to the opennac analytics. This information could be user access and the path it followed (such as WebAuth_Guest_Email) within the captive portal.
Path /var/log/opennac/opennac-captive-analytics.log
2020-03-01T11:16:15.774447+01:00 oncore01trunk opennac-captive-analytics[29456]: {"userId":"babyashnash@gmail.com","macaddress":"","captiveServer":"127.0.0.1","workflowName":"WebAuth_Guest_Email","authentication":"email","authenticationError":"","fallbackUsed":false,"primaryAuth":"","primaryAuthError":"","inputParams":"{\"cmd\":\"login\",\"mac\":\"20:32:6c:38:7d:85\",\"essid\":\"opennac-Guest\",\"ip\":\"10.251.2.200\",\"apname\":\"70:3a:0e:c6:fd:d4\",\"vcname\":\"madrid-C6:FD:D4\",\"switchip\":\"opencloudfactory.net\",\"url\":\"http:\\\/\\\/connectivitycheck.gstatic.com\\\/generate_204\",\"serverIp\":\"poc002.opencloudfactory.com\\\/captive-portal\"}","status":"timeout","initExecutionTimestamp":"1582916370","executionTimeSeconds":300}
- opennac-cron.log
This log contains all the information related to unhandled errors that may arise at the moment in which a cron (task to be executed) is searched for.
Path /var/log/opennac/opennac-cron.log
PHP Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000]
- opennac-ddbb.log
This log contains information related to the tasks/actions that the opennac application performs with the database. This are actions such as SELECTs, INSERTs, DELETEs, etc.
Path /var/log/opennac/opennac-ddbb.log
Mar 10 11:00:23 LAB0oncore opennac-ddbb[23156]: {"action":"Update","result":1,"statement":"UPDATE `DEVICEUSER` SET `MACADDRESS` = ?, `IP` = ?, `OWNER` = ?, `VENDOR` = ?, `MODEL` = ?, `VERSION` = ?, `DEVICE_TYPE` = ?, `LAST_SEEN` = ?, `COMMENT` = ?, `MODIFIED` = ?, `MODIFIED_BY` = ? WHERE (ID = '6785076599369764877')","executionTime":0.00040102005004883,"method":"Common_Model_AbstractDbMapper::update"}
- dhcpreader_startup.log
This log contains information related to the “dhcpreader” program. This program is used to read the logs of a local DHCP server and thus be able to obtain the IpMac of the devices.
This log is not used in version 1.2.1
Path /var/log/opennac/dhcpreader_startup.log
- opennac-health.log
This log is being written to to verify that syslog is working correctly through the healthcheck.
Path /var/log/opennac/opennac-health.log
Mar 11 09:43:04 LAB0oncore opennac-health[30083]: nac health status check
- healthcheck.log
This log contains information related to the errors that might occur when healthcheck is being executed.
Path /var/log/opennac/healthcheck.log
Warning [14/02/2020 11:11:01]: Lock file /tmp/healthcheck.lock found!
Warning [14/02/2020 11:11:01]: Another instance of the script is active! Exiting...
- opennac-job.log
This log contains all the information related to opennac’s workers. By default, opennac has 40 workers executing tasks. Within its tasks, the worker will execute programs such as and not limited to nmap used in the Discover plugin. These programs will have log files which are configured to forward the information to this log.
Opennac has a debugging mode in which more information is stored in the logs. This is quite useful for troubleshooting, as detailed information of each worker’s tasks will be found in this log. To enable debugging open the following file “/usr/share/opennac/api/application/configs/api.ini” and change the value in the following line resources.log.syslog.filterParams.priority = 7 from 6 to 7. Be aware that this log will store much more information than before and, thus, after debugging, it is recommended to switch back to the previous configuration.
Path /var/log/opennac/opennac-job.log
Mar 9 10:20:08 LAB0oncore opennac-job[25169]: 2020-03-09 10:20:08 DEBUG: [25152] [25169] Worker netconf [10:20:08 20200309] trackid [6802135569255108629] //23/ Done in 5.2997028827667s
Mar 9 11:24:30 LAB0oncore opennac-job[25174]: 2020-03-09 11:24:30 DEBUG: [25152] discover::snmpSysObjId: SNMP community used [public]
Mar 9 11:24:38 LAB0oncore opennac-job[25174]: 2020-03-09 11:24:38 DEBUG: [25152] discover::onAuth: Result onAuthPlugin [false]
- opennac-macport.log
This log contains information related to the MACs found in each switch port. This information is then fed to the opennac analytics.
The log format is as follows: Switch’s IP, all the MACs connected, and the quantity of MACs connected.
Path /var/log/opennac/opennac-macport.log
2020-03-10T08:31:37.108791+01:00 LAB0oncore opennac-macport[17236]: {"netdevport":"50001","netdev":"10.10.36.23","macs":"3C:52:82:D9:CE:86,40:6C:8F:36:A2:2E,10:F1:F2:37:07:D1,C8:69:CD:A5:40:CC,38:C9:86:01:A8:AF,E0:89:7E:24:AA:85,A8:DB:03:93:0E:0C,8C:85:90:47:3B:07,8C:29:37:F0:1E:8C,A4:50:46:33:F6:1F,C0:EE:FB:58:81:18,08:F4:AB:7D:99:C5,B8:08:CF:D1:EA:75,88:78:73:FC:3A:82,8C:F5:A3:E8:70:D4,F8:FF:C2:5A:4E:B5,8C:29:37:F0:1F:A0","qty":17}
- opennac-mobile-connect-audit.log
This log contains detailed information related all the actions produced by the mobile connect service.
Path /var/log/opennac/opennac-mobile-connect-audit.log
- opennac-nd-analytics.log
This log contains information related to the network devices. This information is stored as a json and it is then fed to the opennac analytics.
Path /var/log/opennac/opennac-nd-analytics.log
2020-02-12T10:00:22.537092+01:00 LAB0oncore opennac-network-device[23695]: {"id":"6787315696054308870","ip":"10.240.5.10","ipmanagement":"0.0.0.0","description":"","hostname":"","serialNumber":"","idtiphi":"","version":"","macaddress":"","snmpVersion":0,"snmpro":"","snmprw":"","snmp3SecurityName":"","snmp3SecurityLevel":"","snmp3AuthProtocol":"","snmp3AuthPassPhrase":"","snmp3PrivacyProtocol":"","snmp3PrivacyPassPhrase":"","coaPwd":"","coaPort":"","disconnType":"","purchaseDate":null,"purchaseOrder":"","warranty":null,"maintenance":null,"eol":null,"conntype":"ssh","telnetuser":"opennac","telnetpass":"********","privilege":"********","location":"","bkpconntype":"","bkpuser":"","bkppass":"","bkpip":"0.0.0.0","bkppath":"","bkpfilename":"","bkpprivilege":"","brand":"Cisco","model":"Generic","brandmodel":"Cisco\/Generic","cmdbcustom":[],"macVendor":"","checkCompliance":false,"complianceStatus":"0","complianceLists":[],"complianceListNames":[],"numComplianceGroupsPassed":0,"numComplianceGroupsFailed":0,"numComplianceTestsPassed":0,"numComplianceTestsFailed":0,"numComplianceRulesPassed":0,"numComplianceRulesFailed":0,"tagsDescription":{"ONC_AUTOLEARNED":"Device autolearned"},"type":"100","enabled":true,"touchedTags":[],"addedTags":[],"removedTags":[],"created":"2020-01-29T11:51:22+01:00","createdBy":"admin","modified":"2020-02-12T10:00:22+01:00","modifiedBy":"admin","tags_on":["ONC_AUTOLEARNED"]}
- opennac-netdev-compliance.log
This log contains the information used to create the network device compliance dashboards. This is stored as a json. This log is fed to the analytics.
Path /var/log/opennac/opennac-netdev-compliance.log
2020-02-12T12:12:22.303029+01:00 LAB0oncore opennac-netdev-compliance[1175]: {"deviceId":"6787315696054308870","deviceIp":"10.240.5.10","deviceIpManagement":"0.0.0.0","deviceBrand":"Cisco","deviceModel":"Generic","deviceHostname":"2960-8p","deviceLocation":"","deviceVersion":"15.0(2)SE11","deviceMacaddress":"1C:E6:C7:C3:7C:00","deviceSerialNumber":"FOC1644W06G","devicePurchaseDate":"","devicePurchaseOrder":"","deviceWarranty":"","deviceMaintenance":"","deviceEol":"","deviceTags":"ONC_AUTOLEARNED","complianceTestGroupId":"6790315131269025803","complianceTestGroup":"IOS_LAN_PORTS","complianceTest":["IOS_LAN_PORTS"],"complianceRule":["IOS_LAN_PORT_STATUS_DETAIL","IOS_LAN_PORT_STATUS_GLOBAL"],"complianceStatus":100,"complianceResultTag":"CGP_IOS_LAN_PORTS"}
- opennac-poleval-audit.log
This log contains the information related to the audit of the policy evaluation execution.
There is something interesting about this log called Fake Evals. After adding / removing a tag to a device, a fake policy evaluation is performed in order to evaluate whether that device, with these changes, should switch its vlan or not, or whether it matches another policy or not. If the answer is positive, if it matches another category and it has to change the vlan, a true policy evaluation is forced. A toggle port request is placed, and the rule is re-evaluated so that the device matches the appropriate policy.
Path /var/log/opennac/opennac-poleval-audit.log
Mar 10 10:11:19 LAB0oncore opennac-poleval-audit[27806]: found matching policy source[VISIBILITY] policy[6787296414645882889] rule[1] vlan applied[0] vsa[] alert[]: 08:00:27:2B:CB:AC///
Mar 10 09:13:01 LAB0oncore opennac-poleval-audit[23583]: found matching policy source[VISIBILITY] policy[6787296414645882889] rule[1] vlan applied[0] vsa[] alert[]: 4C:80:93:71:C7:85/0.0.0.0// [fake eval]
- opennac-poleval.log
This log contains the information related to the results of policy evaluations. This contains data such as the device’s MAC, the status of the evaluation and the time it took to be completed (0.055 + 0.1 is what it took opennac to evaluate the policy and reply to the switch).
Path /var/log/opennac/opennac-poleval.log
Mar 11 08:03:06 LAB0oncore opennac[29034]: Policy eval on [user,mac,netdev,netdevport,netdevportid,source,status] [,1C:E6:C7:C3:7C:40,0.0.0.0,,,PLUGIN,1] matches policy rule [id,num,name] [6787296414645882889,1,Visibility] vlan [0] vlanid[0] returned perfdata[0.055+0.1~0.099(0.077/0/0.013)]
- opennac-queues.log
This log contains all the information related to opennac’s workers errors. Everything that the workers execute which is not redirected to another log, will appear in this log. For example, this could be and not limited to nmap, netfonf, netbackp execution errors.
Path /var/log/opennac/opennac-queues.log
[20200309102008] Exception detected job[NetConf] pid[25169]: ssh2_auth_password(): Authentication failed for opennac using password
- ntlm_auth_exec_time.log
This log contains information related to the time it takes for NTLM authorizations to process (time it takes since opennac sends the request and the authorization is given). The times stored in this log will vary from implementation to implementation. Usually a number of 0.0X will be the normal behaviour, but in some other implementations, this number will be higher, thus, it is important to analyse what is considered normal in each implementation in order to draw adequate conclusions.
Path /var/log/opennac/ntlm_auth_exec_time.log
1.37
- ntlm_auth_exec_time_exceeded.log
This log contains information related to the NTLM requests that took longer than a threshold to be processed. This threshold is defined in the “/usr/bin/opennac_auth” file on the line NTLM_EXCEED_MILISECONDS=1000. This log contains the date-time and the actual time that the authorization took to be processed. These times will be between the defined threshold and ten seconds (after this time the communication will timeout).
Path /var/log/opennac/ntlm_auth_exec_time_exceeded.log
2020/02/18_113610 3967
- opennac-userportal.log
This log contains the information related with the use portal interactions. For example, when a user enters the user portal, or what things the application (user portal application) has done or loaded.
Path /var/log/opennac/opennac-userportal.log
Mar 11 09:11:01 LAB0oncore opennac-userportal[11719]: api call=GET http://localhost/api/status?count=1
- opennac-access.log
This log contains the apache information related to API, such as the requests.
Path /var/log/httpd/opennac-access_log
127.0.0.1 - - [12/Mar/2020:12:39:34 +0100] "GET /api/metric/snmpmacchange_worker HTTP/1.1" 200 170 "-" "collectd/4.10.9" 108 355 18124
127.0.0.1 - - [12/Mar/2020:12:39:41 +0100] "GET /api/healthcheck?file=0 HTTP/1.1" 200 5723 "-" "Zend_Http_Client" 366 5909 41097
- opennac-error.log
This log contains the apache error information related to API.
Path /var/log/httpd/opennac-error_log
[Wed Jan 22 13:48:02 2020] [error] [client 127.0.0.1] PHP Warning: fsockopen(): unable to connect to 127.0.0.1:4730 (Connection refused) in /usr/share/opennac/api/library/Common/QueueAdmin.php on line 173
[Wed Jan 22 13:48:02 2020] [error] [client 127.0.0.1] PHP Warning: GearmanClient::doHighBackground(): send_packet(GEARMAN_COULD_NOT_CONNECT) Failed to send server-options packet -> libgearman/connection.cc:485 in /usr/share/opennac/api/library/Common/QueueAdmin.php on line 346
- opennac-https-access.log
This log contains the apache information related to the admonportal and the agent.
Path /var/log/httpd/opennac-https-access_log
10.20.250.134 - - [12/Mar/2020:12:43:49 +0100] "GET /admin/rest/healthcheck HTTP/1.1" 200 5769 "https://10.10.36.138/admin/" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0" 1041 6312 152472
127.0.0.1 - - [12/Mar/2020:12:44:03 +0100] "GET /admin/auth/login HTTP/1.1" 200 150924 "-" "check_http/v2.3.1 (nagios-plugins 2.3.1)" 535 153059 99513
10.20.250.134 - - [12/Mar/2020:12:44:20 +0100] "GET /admin/rest/healthcheck HTTP/1.1" 200 5769 "https://10.10.36.138/admin/" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0" 1041 6312 199611
- opennac-https-error.log
This log contains the apache error information related to the admonportal and the agent.
Path /var/log/httpd/opennac-https-error_log
[Sun Mar 08 03:21:02 2020] [warn] RSA server certificate CommonName (CN) `opennac.test' does NOT match server name!?
- messages.log
This log contains global system messages such as the system error messages, system startups and shutdowns, change in the network configuration, etc.
Path /var/log/messages
Mar 8 06:26:01 LAB0oncore auditd[1432]: Audit daemon rotating log files
Mar 8 06:40:09 LAB0oncore named[1531]: managed-keys-zone ./IN/registry: Failed to create fetch for DNSKEY update
- redis.log
This log contains the information related to the redis application.
Path /var/log/redis/redis.log
1550:M 23 Jan 11:59:11.686 * The server is now ready to accept connections on port 6379
1550:M 23 Jan 11:59:11.943 * Secondary 172.16.0.10:6379 asks for synchronization
1550:M 23 Jan 11:59:11.944 * Full resync requested by slave 172.16.0.10:6379
1550:M 23 Jan 11:59:11.944 * Delay next BGSAVE for diskless SYNC
1547:M 23 Jan 09:13:28.299 * Background RDB transfer terminated with success
- filebeat
This log contains all the events related to the data being sent to the analytics.
Path /var/log/filebeat/filebeat
2020-03-11T09:44:27.614+0100 INFO [monitoring] log/log.go:145 Non-zero metrics in the last 30s {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":996140,"time":{"ms":55}},"total":{"ticks":1655490,"time":{"ms":95},"value":1655490},"user":{"ticks":659350,"time":{"ms":40}}},"handles":{"limit":{"hard":4096,"soft":1024},"open":7},"info":{"ephemeral_id":"24a64d6e-f815-4888-820b-06debb9a08d2","uptime":{"ms":506190027}},"memstats":{"gc_next":6944400,"memory_alloc":5240680,"memory_total":36216094832},"runtime":{"goroutines":35}},"filebeat":{"events":{"added":3,"done":3},"harvester":{"open_files":2,"running":2}},"libbeat":{"config":{"module":{"running":0}},"output":{"events":{"acked":3,"batches":2,"total":3},"read":{"bytes":12},"write":{"bytes":1261}},"pipeline":{"clients":2,"events":{"active":0,"published":3,"total":3},"queue":{"acked":3}}},"registrar":{"states":{"current":6,"update":3},"writes":{"success":2,"total":2}},"system":{"load":{"1":0.11,"15":0.17,"5":0.14,"norm":{"1":0.0275,"15":0.0425,"5":0.035}}}}}}