Monthly Archives: December 2014

Virtual machine not powering on in Citrix XenServer 6.2

Today I connected to a CentOS 6 server via SSH and quickly noticed that the file system was in read only mode, after checking a few other Linux servers on the same XenServer host it quickly became apparent that there had been a network issue between the storage and compute layers which caused the Linux file systems to go read only in order to protect themselves.

After not being able to do anything useful within the operating system such as remounting the file system as read/write, I decided that it was time to reboot and force a file system check to pick up and fix any problems, however once the server had shut down it did not power back on as part of the restart task, it also did not power back on when attempting to start it up. This only happened to one VM, all of the others powered back on fine and worked as expected.

Read more »

Monitoring devices by sending syslog to OSSEC

Lately I’ve been working a lot with OSSEC, which is an open source host-based intrusion detection system (HIDS). This has primarily involved installing Linux or Windows based agents onto servers and configuring them to point to the OSSEC server, a process which is straight forward and fairly well documented. Unfortunately you aren’t going to be able to run an agent on some devices, such as those provided by Cisco or Juniper, so we instead have to look towards agentless or syslog monitoring.

Read more »