[Logwatch] logwater and syslog-ng problem

Metal Gear finattack at gmail.com
Mon Nov 7 21:10:00 MST 2005


ok following are some of the lines from my log files

Nov  7 10:24:05 robot sshd[15800]: Illegal user star from 192.168.1.5
Nov  7 10:24:09 robot sshd[15802]: Illegal user star from 192.168.1.5
Nov  7 10:24:11 robot sshd[15804]: Illegal user star from 192.168.1.5
Nov  7 10:24:14 robot sshd[15806]: Illegal user star from 192.168.1.5
Nov  7 10:24:17 robot sshd[15808]: Illegal user star from 192.168.1.5
Nov  7 10:24:43 robot sshd[15810]: Failed password for root from
192.168.1.5 port 46731 ssh2
Nov  7 10:24:43 robot sshd[15810]: Failed password for root from
192.168.1.5 port 46731 ssh2
Nov  7 10:24:43 robot sshd[15810]: Failed password for root from
192.168.1.5 port 46731 ssh2
Nov  7 10:24:46 robot sshd[15812]: Failed password for root from
192.168.1.5 port 46733 ssh2
Nov  7 10:24:46 robot sshd[15812]: Failed password for root from
192.168.1.5 port 46733 ssh2
Nov  7 10:24:47 robot sshd[15812]: Failed password for root from
192.168.1.5 port 46733 ssh2
Nov  7 10:24:48 robot sshd[15814]: Failed password for root from
192.168.1.5 port 46738 ssh2
Nov  7 10:24:48 robot sshd[15814]: Failed password for root from
192.168.1.5 port 46738 ssh2
Nov  7 10:24:48 robot sshd[15814]: Failed password for root from
192.168.1.5 port 46738 ssh2
Nov  7 10:24:52 robot sshd[15816]: Failed password for root from
192.168.1.5 port 46742 ssh2
Nov  7 10:24:52 robot sshd[15816]: Failed password for root from
192.168.1.5 port 46742 ssh2
Nov  7 10:24:53 robot sshd[15816]: Failed password for root from
192.168.1.5 port 46742 ssh2

i m only getting the scrolling debugging lines and in the end i get
following lines
TimeFilter: Period is day

TimeFilter: SearchDate is ( 2005-Oct-14 ..h ..m ..s )

TimeFilter: Debug SearchDate is ( 2005-Oct-14 h m s )

Processing Service: zz-fortune
  /usr/bin/perl /etc/log.d/scripts/services/zz-fortune 2>&1

 ################### LogWatch 6.1.2 (06/13/05) ####################
        Processing Initiated: Tue Nov  8 09:05:56 2005
        Date Range Processed: -25 days
                              ( 2005-Oct-14 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: robot
  ##################################################################

 --------------------- Disk Space Begin ------------------------

 DEBUG: Inside zz-disk-space Filter

 /dev/hda1                              99M    14M    80M  15%  /boot
 /dev/hda2                              18G    13G   4.6G  74%  /


 ---------------------- Disk Space End -------------------------


 ###################### LogWatch End #########################

I donot know about templates what i have done is that i have changed
the messages.conf file like
LogFile = /var/log/hosts/myname/*/messages
Archive = /var/log/hosts/myname/*/messages
*ExpandRepeats
*ApplyStdDate

You are right messages are cumulated in messages-archive
when i use the command
[root at robot 07.11.2005]# logwatch --print --range '-25 days' --archives
then i am getting the following output

 ################### LogWatch 6.1.2 (06/13/05) ####################
        Processing Initiated: Tue Nov  8 09:08:10 2005
        Date Range Processed: -25 days
                              ( 2005-Oct-14 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: robot
  ##################################################################

 --------------------- Disk Space Begin ------------------------

 /dev/hda1                              99M    14M    80M  15%  /boot
 /dev/hda2                              18G    13G   4.6G  74%  /


 ---------------------- Disk Space End -------------------------


 ###################### LogWatch End #########################

Thanks



More information about the Logwatch mailing list