[Bug 820895] Re: Log File Viewer does not log "Process Name"

Robbie Williamson robbie.williamson at canonical.com
Thu Jan 26 03:45:06 UTC 2012


nethogs and netstat can connect pids to program names, so in theory someone could add this functionality to iptables.  You could also set up a cron job to regularly log netstat output for all network connections to a file.  For example, the following command, run as root, will timestamp and log all network connections every 5 seconds to log.txt:
   # while true; do date >> log.txt; netstat -pn -A inet --wide >> log.txt; sleep 5 ; done
You can run without root privilege; however, processes you don't own won't be included.  Hope this helps a little.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/820895

Title:
  Log File Viewer does not log "Process Name"

Status in “rsyslog” package in Ubuntu:
  Won't Fix

Bug description:
  The gnome "Log File Viewer" does not log the Process Name (or
  Application Name) that generated the log item. For example, if an
  outbound internet connection is blocked and this event is logged, only
  the "ID" (i.e., PID) is shown in the report. But the PID is useless
  because it is ephemeral and does not live past the session. Users are
  left with no way to learn what Application or Process was responsible
  for generating the log item.

  The "Process Name" should be listed in log items instead of the PID.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.04
  Package: gnome-utils 2.30.0-0ubuntu1
  ProcVersionSignature: Ubuntu 2.6.32-33.71-generic 2.6.32.41+drm33.18
  Uname: Linux 2.6.32-33-generic i686
  Architecture: i386
  Date: Thu Aug  4 08:05:47 2011
  ExecutablePath: /usr/bin/gnome-system-log
  InstallationMedia: Ubuntu 10.04.1 LTS "Lucid Lynx" - Release i386 (20100816.1)
  ProcEnviron:
   LC_TIME=en_GB.UTF-8
   LANG=en_US.utf8
   SHELL=/bin/bash
  SourcePackage: gnome-utils
  XsessionErrors: (polkit-gnome-authentication-agent-1:1444): GLib-CRITICAL **: g_once_init_leave: assertion `initialization_value != 0' failed

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/820895/+subscriptions
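
One way to use the log.txt written by the loop in the reply above, as an added example that is not part of the original message: it parses the timestamped netstat snapshots and reports which program held each PID, and between which snapshots. The sample log (addresses, PIDs, program names) and the function names are constructed for illustration.

```python
import re

# Constructed excerpt of log.txt (a `date` line, then netstat rows); not real data.
SAMPLE_LOG = """\
Thu Jan 26 03:45:01 UTC 2012
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.1.10:45678      203.0.113.5:80          ESTABLISHED 2310/firefox-bin
udp        0      0 192.168.1.10:68         192.168.1.1:67                      812/dhclient
tcp        0      0 192.168.1.10:22         192.168.1.20:51000      ESTABLISHED -
Thu Jan 26 03:45:06 UTC 2012
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.1.10:45678      203.0.113.5:80          ESTABLISHED 2310/firefox-bin
Thu Jan 26 09:12:31 UTC 2012
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.1.10:45990      198.51.100.7:443        SYN_SENT    2310/wget
"""

# proto, queues, local, foreign, optional State, "PID/Program"; owner "-" never matches.
ROW = re.compile(r"^(tcp|udp|raw)\S*\s+\d+\s+\d+\s+(\S+)\s+(\S+)\s+"
                 r"(?:[A-Z_0-9]+\s+)?(\d+)/(.+?)\s*$")
SKIP = ("Active ", "Proto ", "tcp", "udp", "raw")

def parse_snapshots(text):
    """Yield (timestamp, pid, program, proto, local, foreign) per owned socket."""
    stamp = None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, local, foreign, pid, prog = m.groups()
            yield stamp, int(pid), prog, proto, local, foreign
        elif line.strip() and not line.startswith(SKIP):
            stamp = line.strip()  # the `date` line that opens a snapshot

def pid_history(text):
    """Map PID -> [[program, first_seen, last_seen], ...] in log order."""
    history = {}
    for stamp, pid, prog, *_ in parse_snapshots(text):
        runs = history.setdefault(pid, [])
        if runs and runs[-1][0] == prog:
            runs[-1][2] = stamp  # same program still holds this PID
        else:
            runs.append([prog, stamp, stamp])  # first sighting, or PID reused
    return history

if __name__ == "__main__":
    print(pid_history(SAMPLE_LOG))
```

In the constructed sample, PID 2310 belongs to firefox-bin in the first two snapshots and to wget in the last one, so a PID from a firewall log entry has to be matched against the snapshot closest to that entry's timestamp.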



