Please make sure that you have tested and completed all prerequisites.
The file /ts-vyatta/ts-logupload.log will contain the results of the last log upload attempt. A successful one should look like this:
$ cat /home/vyatta/ts-vyatta/ts-logupload.log
[INFO ] : Starting ThreatSTOP logupload operation v2.00 at 31/10/2014
[INFO ] : Verifying supplied CMD data format
[INFO ] : Loading previous configuration
[INFO ] : Initialising data from conf file
[INFO ] : Verifying log file [/var/log/threatstop.log] stats
[INFO ] : Log file [/var/log/threatstop.log] has zerro length... Swit
[DEBUG] : Pointing logfile name to rotated instance /var/log/
[INFO ] : Processing [/var/log/threatstop.log.1] log file into tmp ch
[DEBUG] : Writng into [/tmp/tmplog_0.log] tmp file
[INFO ] : Start sending data
[DEBUG] : Sending /tmp/tmplog_0.log file
[INFO ] : Preparing connection data
[DEBUG] : Sending data ....
[DEBUG] : fname - /tmp/tmplog_0.log
[DEBUG] : fsize - 110592
[DEBUG] : md5 - 6b180b2d9c4329cc95837e0d43f7afa7
[DEBUG] : url - https://threatstop.com/cgi-bin/logupload.pl
[INFO ] : Upload was succesfull [200 OK]
[DEBUG] : Cleaning [/tmp/tmplog_0.log] previous tmp file
[INFO ] : Finish ThreatSTOP logupload operation at 31/10/2014 23:40:0
Check the date and any error messages.
You should also attempt to do a log rotate manually to see the result. To run the log rotate manually, find the logrotate.d command (listed below in bold) in cron and paste the relevant portion into the command prompt.
e.g.
$ sudo crontab -l
# Update the ThreatSTOP lists. Every 2 hours, 26 minutes after the hour
# (00:26, 02:26, 04:26, etc.)
26 */2 * * * /home/vyatta/ts-vyatta/ipsetget.pl
# Force a logrotate if the log is > 100k. Check every 31 minutes after the hour
31 * * * * perl -e'exec q(/usr/sbin/logrotate -f /etc/logrotate.d/messages) if (stat q(/var/log/messages))[7]>100000;'
From this you can extract the logrotate command and run it (with sudo)
$ sudo /usr/sbin/logrotate -f /etc/logrotate.d/messages
Then check the ts-logupload.log file again.
Comments