[Logwatch] (no subject)

Thomas Hillson thillson at iastate.edu
Wed Oct 10 11:49:05 MST 2007


How can I change my logwatch configuration to include the IP Number  
of the system trying to attack my server? I am specifically trying to  
get more information on what Mod_security is putting into my httpd  
log file on RHEL 4 and 5 systems. I get the event but I would like  
the IP Numbers so I can track multiple attacks from the same machine  
and attacks that may be local.

thanks,

Tom

/----------------------------------------------------------------------- 
---
| Tom Hillson            Agriculture Computer Services Manager
|(515) 294-1543          College of Agriculture
|                        Iowa State University
------------------------------------------------------------------------ 
---
|"The only thing I have too much of is too little time"





More information about the Logwatch mailing list