[Logwatch] Unmatched entries

Fredrik Wahlberg fredrik at wahlberg.se
Tue Jun 22 04:12:17 MST 2004

I've got a bit of a problem with unmatched entries in my secure-log. I'm 
running a Logwatch 5.1 on a Debian system and the auth-log contains a 
million lines like

cron(pam_unix)[11627]: session opened for user list by (uid=0)
cron(pam_unix)[11627]: session closed for user list

These lines are all reported as Unmatched Entries in the secure-log 
section of the Logwatch report.

I've tried to add cron, pam_unix and cron(pam_unix) to the 
$ignore_services line in services/secure.conf but it doesn't seem to help.

How do I make them disappear, or at least be group togheter?


Fredrik Wahlberg	fredrik at wahlberg.se
Kristinehovsgatan 12	Home: +46-8-642 35 23
S-117 29 Stockholm	Mobile: +46-70-576 16 51

More information about the Logwatch mailing list