Questions tagged [logwatch]

Logwatch is a tool that will monitor your server's logs and email the administrator a digest on a daily basis, and is primarily used on Linux-based distros.

86 questions
2 votes, 1 answer

Suppress log messages about minor 3ware disk temperature changes on CentOS?

I have a number of CentOS 5 servers which use 3ware RAID controllers. These servers are bugging my team with messages about minor temperature changes, like this: Jun 8 12:32:39 HOST smartd[1231]: Device: /dev/twa0 [3ware_disk_01], SMART Usage…
Stefan Lasiewski
2 votes, 1 answer

How should I setup email log notifications on Debian server

I've built lots of Debian servers. They hardly ever fail but when they do I've never had a good enough logging system. So I told myself this time would be different. I've got Apache2 and MySQL happy and working with Name Based Virtual Hosting. I've…
Gareth
2 votes, 1 answer

Logwatch httpd - hacks and probes

Sometimes in my daily logwatch report, I notice that there is a section under httpd for "attempts to use known hacks..." and another section about how many sites probed the server. I have a few questions about these sections: Is apache or logwatch…
Aaron
2 votes, 1 answer

Apache logs on Debian GNU/Linux shows windows executable files

I use logwatch to watch my server logs. It shows this in the httpd log section: 19033 Windows executable files (502.53 MB) This is a Debian GNU/Linux server. So there shouldn't be any Windows executables. I couldn't find any either. Is this some kind of…
Redrain
2 votes, 1 answer

Via logwatch, I get messages that root is opening sessions "-> nobody". Is this a security concern, or normal operation?

Here are some lines from logwatch: pam_unix sshd: Authentication Failures: root (211.167.103.115): 5 Time(s) unknown (219.239.110.139): 1 Time(s) Invalid Users: Unknown Account: 1 Time(s) su: Sessions Opened: root ->…
Kzqai
2 votes, 1 answer

Is Nagios capable of covering the functionality of Logwatch?

I have decided to adopt Nagios for our infrastructure. We were going to use Logwatch, but after seeing some of the things in Nagios like log rotation I am wondering if Nagios is capable of sending daily\weekly reports similar to Logwatch aka…
Joshua Enfield
2 votes, 1 answer

What is this possible Apache exploit, and am I affected?

I had this warning in my daily logwatch digest this morning: A total of 1 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit): …
Darren
2 votes, 1 answer

http logfile filter is not shown on report

I'm on Debian 10.4 and I have a fresh installation of logwatch. Everything works as expected, except that logwatch (ver. 7.5.0) outputs everything except the http logs report. I ran logwatch with --debug med and in the debug output I've seen: Preprocessing…
1 vote, 2 answers

Logwatch Emails marked as spam; how to stop reverse DNS on bot hosts?

Is there a way to alter the Logwatch settings such that it stops performing reverse dns name resolution on all the hosts which tried to probe the server or were blocked? These URLs are causing the emails to be blocked, particularly by Gmail, and…
RedScourge
1 vote, 0 answers

Configure logwatch on CentOS 7 with apache httpd behind CloudFlare

How do I get logwatch to output the IP addresses that probe my http server? It does not seem to output IP addresses although they are shown in the apache logs. ################### Logwatch 7.4.0 (03/01/11) #################### Processing…
Nick M
1 vote, 1 answer

What does this entry "smtp_stream_setup" in my postfix log mean?

My logwatch shows me every day lots of these messages from my postfix log. Can anyone explain what it means? 1 Jan 2 14:01:50 interface postfix/smtpd[21465]: smtp_stream_setup: maxtime=300 enable_deadline=0 Any hint is highly appreciated
1 vote, 3 answers

Logwatch sends me 2 copies of yesterday's server activity, why?

I use Logwatch to track what is going on on one of my Fedora 11 boxes. Since updating it from an older Fedora release I now get 2 copies of the same information to my inbox. I cannot find where this might be getting duplicated. I was assuming it…
ricbax
1 vote, 0 answers

Logwatch for multiple log 'root directories' on a central log server?

I have multiple clusters, each with a service machine that also collects all the logs (rsyslog and RELP). I started separating them to /data/logs//* so the messages, maillog and other files are separate for each remote host in its own…
Ira
1 vote, 1 answer

Configure logwatch to only email when there is something to report

Is there a way to get logwatch, instead of always sending a daily report, to only email a report when there is a problem, i.e. the filtered logs aren't empty?
Ghopper21
1 vote, 1 answer

How to Use Logwatch With JBoss Logs

I'm successfully using Logwatch for Tomcat and Apache but not for JBoss. For some reason Logwatch can not access any files under the JBoss directory. Is there anything I can do to make this work? I'm trying to use Logwatch with JBoss nohup.out…
Mike T