Enable Remote Logging in Rsyslog on Linux (Debian, Ubuntu, CentOS, Fedora)

Edit the rsyslog file

sudo vi /etc/rsyslog.conf

add the following. Change out the IP address for your remote syslog server IP address.

The syntax for this has changes. Newer recommended way is

*.*  action(type="omfwd" target="192.0.10.5" port="514" protocol="tcp"

Old Syntax

## rsyslog Server
*.*     @10.0.10.5:514

https://www.rsyslog.com/sending-messages-to-a-remote-syslog-server/

Restart the rsyslog service and check your remote log server.

systemctl restart rsyslog

If you are having issues viewing logs in LibreNMS, try adding the hostname in the /etc/rsyslog.conf file

$LocalHostName server.hostname.com

How to Find Yesterdays Date in Linux

The wrong way to find yesterdays date:

I had a command that was used to see if. It used some arithmetic operators to subtract 1 from the current day. That would give us yesterdays day which we could then use to check if a backup was created then.

day=$(date +%d) ; date=$(($day - 1)) ; echo "yesterday date is $date"

It worked great, unless you happened to be on the 8th or 9th of the month. Looks like bash is interpreting 08 and 09 in octal format. https://stackoverflow.com/questions/24777597/value-too-great-for-base-error-token-is-08

-bash: 08: value too great for base (error token is "08")

The better way

Fortunately there is an easier and more reliable way to do this. Using the date command, you can specify yesterday and it will print out yesterdays date.

date --date=yesterday +%d

Much easier to use.

Some more info.

https://www.cyberciti.biz/tips/linux-unix-get-yesterdays-tomorrows-date.html?cf_chl_captcha_tk=N9iBfod_b0qUxjB2jIGlETgiZ.JXSxGpLmvQ83CzBvY-1636407896-0-gaNycGzNBmU

https://stackoverflow.com/questions/18180581/subtract-days-from-a-date-in-bash

Linux commands for CPU, RAM and GPU info

Some helpful commands for showing hardware information on Linux.

Show memory speed

sudo dmidecode --type 17

Show CPU Frequency in MHz

cat /proc/cpuinfo | grep MHz

Show a bunch of system info with inxi, may need to install it.

inxi 

Another cool program is screenfetch. Gives a nice overview of system specs

sudo dnf install screenfetch

and run with

screenfetch

Error Setting up Base Repository While Installing CentOS Stream 8

https://www.networkshinobi.com/centos-8-error-setting-up-base-repository/

Not sure why it was giving an error. But to resolve the issue

click on “Software Sources”

On the Network line put http://mirror.centos.org/centos-8/8/BaseOS/x86_64/os/

Should be able to go back to the previous page and select what you want to install.

Enable Logging for firewalld

Enabling logging on firewall rules can be beneficial for tracking why a certain rule is not behaving as you intended.

Enabling logging is relatively straight forward.

  • Enable Firewall Logging
  • Check Logs
  • Disable Firewall Logging (Optional)

Enable Firewall Logging

Quickest way to enable logging is to run

sudo firewall-cmd --set-log-denied=all

This changes the options in the /etc/firewalld/firewalld.conf config file. Options include all, unicast, broadcast, multicast, and off

Enable Log option for firewalld

The command also reloads the firewall so manually restarting the firewall is necessary.

Checking Logs

You can use dmesg to view the failed attempts or you can follow the messages log and filter to just show the rejects

sudo tail -f /var/log/messages | grep -i REJECT

You can now try to access the server or run a test to trigger a log event. In my case I tried initiating a SSH connection.

Oct  1 16:32:10 localhost kernel: FINAL_REJECT: IN=eno1 OUT= MAC=f8:ab:98:12:fe:11:a1:ec:a6:00:67:3e:97:00 SRC=192.168.1.1 DST=192.168.88.2 LEN=60 TOS=0x08 PREC=0x40 TTL=59 ID=43080 DF PROTO=TCP SPT=38192 DPT=22 WINDOW=52240 RES=0x00 SYN URGP=0

Interesting bits are bolded. Our destination port it 22 “ssh” and our source address is 192.168.1.1. If I want this IP to access the server, I’ll need to add the 192.168.1.1 IP range in the allowed IP ranges.

Disable Logging (Optional)

After you have finished troubleshooting your problem, you may want to turn the logging feature off so you don’t fill up the logs with failed entries.

You can turn it off with

sudo firewall-cmd --set-log-denied=off

We can verify that logging is off by running

sudo firewall-cmd --get-log-denied 

If the firewall logging option is off it will return “off”

The following site has some more information and alternative ways

https://www.cyberciti.biz/faq/enable-firewalld-logging-for-denied-packets-on-linux/

Set coolbits value on Fedora Linux

You sometimes need to set the coolbits value to overclock your GPU on Linux

You’ll need to install nvidia-xconfig

sudo dnf install nvidia-xconfig

Then you can set the cool bits value with the following command. Change 24 to the appropriate cool bits value. Refer to the link below.

sudo nvidia-xconfig --cool-bits=28

It’ll create a new xorg config file. Reboot to take advantage of cool bits being enabled.

Multiple GPUs

If you have multiple GPUs, you will need to do the following to enable cool bits on each GPU.

sudo nvidia-xconfig -a --cool-bits=28 --allow-empty-initial-configuration

https://wiki.archlinux.org/title/NVIDIA/Tips_and_tricks#Enabling_overclocking

LibreNMS Error Running ./validate.php – Database: incorrect column…

LibreNMS error while running ./validate.php

Recently I started getting the following error while running ./validate.php.

$ sudo -u librenms ./validate.php
====================================
Component | Version
--------- | -------
LibreNMS  | 21.8.0-41-g0a76ca4
DB Schema | 2021_08_26_093522_config_value_to_medium_text (217)
PHP       | 7.4.20
Python    | 3.6.8
MySQL     | 10.5.10-MariaDB
RRDTool   | 1.4.8
SNMP      | NET-SNMP 5.7.2
====================================

[OK]    Composer Version: 2.1.6
[OK]    Dependencies up-to-date.
[OK]    Database connection successful
[FAIL]  Database: incorrect column (notifications/datetime)
[FAIL]  Database: incorrect column (users/created_at)
[FAIL]  We have detected that your database schema may be wrong, please report the following to us on Discord (https://t.libren.ms/discord) or the community site (https://t.libren.ms/5gscd):
        [FIX]:
        Run the following SQL statements to fix.
        SQL Statements:
         SET TIME_ZONE='+00:00';
         ALTER TABLE `notifications` CHANGE `datetime` `datetime` timestamp NOT NULL DEFAULT '1970-01-02 00:00:00' ;
         ALTER TABLE `users` CHANGE `created_at` `created_at` timestamp NOT NULL DEFAULT '1970-01-02 00:00:01' ;

Reading online it sounds like some of the recent changes are causing the issue. Looks fairly easy to resolve though.

First we’ll need to get a MySQL prompt. We’ll do that by running

mysql -u librenms -p librenms

It’ll ask use for the librenms user’s mysql password.

Once we have the MySQL prompt we can just copy and paste the commands in.

SET TIME_ZONE='+00:00';
ALTER TABLE `notifications` CHANGE `datetime` `datetime` timestamp NOT NULL DEFAULT '1970-01-02 00:00:00' ;
ALTER TABLE `users` CHANGE `created_at` `created_at` timestamp NOT NULL DEFAULT '1970-01-02 00:00:01' ;

Type ‘quit’ to exit MySQL and lets run the validate script again.

sudo -u librenms ./validate.php

Everything should check out OK.

Using sed to format a phone number

Formatting an unformated “phone” number using sed.

There may be a different and easier way to do this, but the main thing to learn here is the ^, $, and [[:digit:]] options.

^ refers to the first part of a line
& which is our searched for pattern
$ refers to an end part of the line
[[:digit:]] searches for, you guessed it. Digits!

The following command reads the incoming 10 digit number form echo and does the following.

the ^ tells it that the pattern needs to match at the beginning of the line
[[:digit:]] repeated tells it to search for three consecutive digits
(&) tells it to put brackets around the & which is our searched for pattern in the first part.
We then pipe that to another sed command which
searches for 4 consecutive digits
the $ tells it that it needs to be at the end of the line.

echo "1234567890" | sed -e 's/^[[:digit:]][[:digit:]][[:digit:]]/(&) /g' | sed -e 's/[[:digit:]][[:digit:]][[:digit:]][[:digit:]]$/-&/g'

Resulting output is

(123) 456-7890

The following link was helpful while searching what the ^ and $ options do.

https://www.computerhope.com/unix/used.htm

Ping multiple IP addresses to see if they are up or down

An easy way to do this is by using fping. fping is a little bit easier ping utility to use then normal ping when trying to verify that a host is actually down.

By default fping returns if a host is “alive” or “unreachable”

Example:

$ fping 192.168.1.4
192.168.1.4 is alive

Or for a host that is down it returns something like the following

$ fping 192.168.1.5
ICMP Host Unreachable from 192.168.1.2 for ICMP Echo sent to 192.168.1.5
ICMP Host Unreachable from 192.168.1.2 for ICMP Echo sent to 192.168.1.5
ICMP Host Unreachable from 192.168.1.2 for ICMP Echo sent to 192.168.1.5
ICMP Host Unreachable from 192.168.1.2 for ICMP Echo sent to 192.168.1.5
192.168.1.5 is unreachable

You can adjust the retry rate with the -r option, default is 3 which it has multiple of the Host Unreachable lines. Changing it to 1 or 2 gets rid of those lines so it just shows that the host is unreachable.

$ fping -r 1 192.168.1.5
192.168.1.5 is unreachable

Ping multiple addresses

Fortunately pinging multiple addresses with fping is as easy as adding them to the end of the command. For example

fping -r1 192.168.1.1 192.168.1.2

will ping both the specified addresses one after the other and print the results to the terminal.

Example:

$ fping -r 192.168.1.1 192.168.1.10 192.168.1.45  
192.168.1.1 is alive
192.168.1.10 is alive
192.168.1.45 is unreachable