[sysmon-help] Frequently failing Sysmon ping tests...

Morgan Aldridge morgant at makkintosshu.com
Fri Jul 31 08:16:35 EDT 2009


On Fri, Jul 31, 2009 at 7:47 AM, Morgan Aldridge <morgant at makkintosshu.com> wrote:
>
> So, where do I start my troubleshooting? I'm not ready to give up Sysmon yet.

I enabled debugging (-D) on sysmond and it barely makes it a minute
before crashing. Relating to ping/icmp, I see the following note:

Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: sysmond: INFO: hold queue set to 480000 for icmp packets
Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: sysmond: INFO: hold queue set to 480000 for icmpv6 packets

And I see a few lines such as this for a few hosts:

Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: service_this:Servicing entry in queue of bento.makkintosshu.com:ping
Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: setting up ping of host bento.makkintosshu.com
Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: Estimated number of entries in dns cache is 17
Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: icmp.c:Created ICMP identity id of 3
Jul 31 07:57:15 bento /usr/local/bin/sysmond[99375]: icmp.c:Sent an ICMP echo-request to bento.makkintosshu.com

But since it doesn't even seem to get through the tests for all the
objects before it crashes, I don't get a chance to see a ping/icmp
error.

Morgan Aldridge
---
morgant at makkintosshu.com
http://www.makkintosshu.com/

