Re: RH 9 Logwatch: kernel uninitialized value

2003-10-02 Thread Michael Schwendt
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 2 Oct 2003 10:24:12 -0400, Reuben D. Budiardja wrote: > I see these everyday in the logwatch mail to root, on a Redhat 9 box. Anyone > else sees this? Is this something I need to worry about? kernel bug? Nah, logwatch bug. /etc

RH 9 Logwatch: kernel uninitialized value

2003-10-02 Thread Reuben D. Budiardja
Hi, I see these everyday in the logwatch mail to root, on a Redhat 9 box. Anyone else sees this? Is this something I need to worry about? kernel bug? Thanks. RDB - Kernel Begin Use of uninitialized value in left bitshift (<<) at /etc

RE: message of logwatch

2003-08-26 Thread Cowles, Steve
Nabin Limbu wrote: > Hi everybody, > > My logwatch reports me the following message everyday. What does this > mean? Is my mail server trying to relay mail to rapti.mos.com.np or is > rapti.mos.com.np trying to relay mails via my mailserver. > Also how can I stop these junk m

message of logwatch

2003-08-26 Thread Nabin Limbu
Hi everybody, My logwatch reports me the following message everyday. What does this mean? Is my mail server trying to relay mail to rapti.mos.com.np or is rapti.mos.com.np trying to relay mails via my mailserver. Also how can I stop these junk mails. ruleset=check_mail, arg1=<[EMAIL PROTEC

sendmail errors in logwatch

2003-08-14 Thread Bill Tangren
Hey all, I have these errors showing up in my logwatch report (regarding postfix): SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use: 22 Time(s) daemon MTA: problem creating SMTP socket: 22 Time(s) DSN: Return receipt: 2 Time(s) SYSERR(root

Re: sendmail errors in logwatch

2003-08-14 Thread Bill Tangren
Gerry Doris wrote: It looks like you're trying to run more than one sendmail daemon. I've seen similar errors when people run sendmail as a standalone daemon and also try and call sendmail indirectly from an application like MailScanner. I suggest you check all your mail related programs and ve

Re: sendmail errors in logwatch

2003-08-14 Thread Gerry Doris
> Hey all, > > I have these errors showing up in my logwatch report (regarding postfix): > > > SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address > already in use: 22 Time(s) > daemon MTA: problem creating SMTP socket: 22 Time(s) > DS

Re: Logwatch detail levels

2003-07-31 Thread Bill Tangren
: Wednesday, July 30, 2003 9:24 AM To: [EMAIL PROTECTED] Subject: Logwatch detail levels I was wondering if it possible to change what detail level a service shows up under. I realize this seems vague but you'll know what I'm talking about if you know the answer. Thanks. Barry Johnson

Re: Logwatch detail levels

2003-07-30 Thread Mike Vanecek
MAIL PROTECTED] Behalf Of Barry Johnson > > Sent: Wednesday, July 30, 2003 9:24 AM > > To: [EMAIL PROTECTED] > > Subject: Logwatch detail levels > > > > > > I was wondering if it possible to change what detail level a service > > shows up under. I realize t

RE: Logwatch detail levels

2003-07-30 Thread Leonard den Ottolander
Hello Barry, > I was hoping to > use the standard logwatch to cut down on the number of logs I have to > read through every morning. This can be done by setting the loglevel that should be logged to files. So you can set up specific logfiles for your purpose and write the info yo

RE: Logwatch detail levels

2003-07-30 Thread Barry Johnson
I realize that is a solution but not the cleanest one. I was hoping to use the standard logwatch to cut down on the number of logs I have to read through every morning. I have also tried just using cron to run logwatch with the options I want but for some reason it won't print any info for

Re: Logwatch detail levels

2003-07-30 Thread David Hart
27;s correct. The command line (which can include detail level) will override the config file. Cron individual services with the detail level that you want. Check man logwatch for syntax details. I do this myself since I want higher detail on the RT314 service. -- redhat-list mailing list unsub

Re: Logwatch detail levels

2003-07-30 Thread Bill Tangren
Richard Humphrey wrote: Check the logwatch.conf file. It explains in there how to change the detail of logging -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Barry Johnson Sent: Wednesday, July 30, 2003 9:24 AM To: [EMAIL PROTECTED] Subject: Logwatch detail

RE: Logwatch detail levels

2003-07-30 Thread Richard Humphrey
Check the logwatch.conf file. It explains in there how to change the detail of logging -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Barry Johnson Sent: Wednesday, July 30, 2003 9:24 AM To: [EMAIL PROTECTED] Subject: Logwatch detail levels I was

Logwatch detail levels

2003-07-30 Thread Barry Johnson
I was wondering if it possible to change what detail level a service shows up under. I realize this seems vague but you'll know what I'm talking about if you know the answer. Thanks. Barry Johnson -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman

logwatch and strange going ons

2003-06-14 Thread David Richards
hi just check my log watch email that i get every nite or so and i foudn this in it ? The ftp login part 127.0.0.1: 173 Time(s) How do i stop the local server from loggin it like that? and OQUEUE: [EMAIL PROTECTED] [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

logwatch email and sendmail errors?

2003-06-12 Thread David Richards
HI all I just loooked at my logwatch email for last nite and found this OQUEUE: [EMAIL PROTECTED] [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA NOQUEUE: [EMAIL PROTECTED] [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA NOQUEUE: [EMAIL PROTECTED

Is there a more detailed Logwatch?

2003-05-27 Thread Richardson, Robert
Title: Is there a more detailed Logwatch? Hi, I have using Logwatch to gather user login information (RH 7.3 and 8.0). I do not like that it does not give me a time stamp of when a user logged in, or when a user initiated a process. Is there a more detailed Logwatch? Thanks, Robert

RE: Logwatch not watching [SOLVED]

2003-03-24 Thread Patrick Nelson
atest bleeding edge. Latest betas > are usually based on rawhide (or a good portion of it). > > ftp://ftp.redhat.com/pub/redhat/linux/rawhide > For some reason I had it in my head that rawhide was 73... Oops! Anyway, went to the above site and got: logwatch-4.3.1-2.noarch.rpm the

RE: Logwatch not watching

2003-03-24 Thread Patrick Nelson
Patrick Nelson wrote: > Matthew Saltzman wrote: >> On Mon, 24 Mar 2003, Patrick Nelson wrote: >> >>> RH80 >>> >>> Can not figure out why logwatch isn't producing any reports. >> >> It's a bug. Get the Rawhide version. >>

Re: Logwatch not watching

2003-03-24 Thread Rick Johnson
Patrick Nelson wrote: Matthew Saltzman wrote: It's a bug. Get the Rawhide version. Oh really... shoot how much time I just wasted... darn... So rawhide is 7.3? Rawhide is rawhide - lastest and greatest bleeding edge. Latest betas are usually based on rawhide (or a good portion of it). ftp://ftp

RE: Logwatch not watching

2003-03-24 Thread Patrick Nelson
Matthew Saltzman wrote: > On Mon, 24 Mar 2003, Patrick Nelson wrote: > >> RH80 >> >> Can not figure out why logwatch isn't producing any reports. > > It's a bug. Get the Rawhide version. > Oh really... shoot how much time I just wasted... dar

Re: Logwatch not watching

2003-03-24 Thread Matthew Saltzman
On Mon, 24 Mar 2003, Patrick Nelson wrote: > RH80 > > Can not figure out why logwatch isn't producing any reports. It's a bug. Get the Rawhide version. -- Matthew Saltzman Clemson University Math Sciences [EMAIL PROTECTED] http://www.math.clemson.edu/~mjs

Logwatch not watching

2003-03-24 Thread Patrick Nelson
RH80 Can not figure out why logwatch isn't producing any reports. There is a link in /etc/daily pointing to /etc/lod.d/logwatch which points to /etc/log.d/scripts/logwatch.pl I can run the script like cd /etc/log.d ./logwatch --print and I get no output. So I drill down d

logwatch sshd empty log

2003-02-25 Thread Lewi Supranata K
I watch report from logwatch in redhat8.0 don't report sshd, is there any issue about this? -- ichtus -- Lewi Supranata .K ICQ: 50643061 IPLUG Team About Me : http://lewi.f4boys.com Homepage : http://mercury7.petra.ac.id/~ichtus GnuPG Public Key : http://mercury7.petra.ac.id/~i

RE: logwatch on Redhat 8 not working correct

2003-02-19 Thread wilma
> Try running # logwatch --print > > This will let you see the standard error from the default logwatch run > by cron.daily. It's possible the script is bailing out for some reason, > but you can't see the error output in the mail output. > > If you don't

Re: logwatch on Redhat 8 not working correct

2003-02-14 Thread Andrew Pasquale
On Thu, Feb 13, 2003 at 01:38:33PM +0100 or thereabouts, wilma wrote: > > If I try: > logwatch --service sendmail --detail high --range all --print > I get no output > logwatch --service sshd --detail high --range all --print > I get no output > logwatch --service secure --de

logwatch on Redhat 8 not working correct

2003-02-13 Thread wilma
>What happens if you run logwatch from the command line? e.g. > >$ logwatch --service secure --detail high --range all --print > >Maybe you'll get some more information that will help you diagnose the >problem. > >-- >Andrew Pasquale >gpg id: 31AA061C If

Re: logwatch on Redhat 8 not working correct

2003-02-12 Thread Andrew Pasquale
On Wed, Feb 12, 2003 at 09:23:21AM +0100 or thereabouts, wilma wrote: > Hi, > I have a RedHat 8 installation in where logwatch seems to have some problems (at >least I think). > In /etc/log.d/conf/logwatch.conf I have specified that all Services should be >reported on: > Servic

logwatch on Redhat 8 not working correct

2003-02-12 Thread wilma
Hi, I have a RedHat 8 installation in where logwatch seems to have some problems (at least I think). In /etc/log.d/conf/logwatch.conf I have specified that all Services should be reported on: Service = All Still logwatch only produce output for ftp and for samba? I tried putting: Service

LogWatch stopped working

2003-01-31 Thread clemens
[ Sorry for this getting posted twice, but it got out without a subject line the first time around ] Some time ago I had LOGWATCH working just fine (this is RH7.3). Then I updated some things (perl, tk/tcl, ...) and I havent heard from logwatch since. Tonight I played with it a bit, putting

RE: Problems with logwatch detail

2002-12-17 Thread Michael Pelley
The 4.2.1-1 logwatch works! Thanks to all who replied. Cheers, Mike -- Mike Pelley "Non illegitimati carborundum" Owner & "Misc. Rambler" of Pelleys.com [EMAIL PROTECTED] - www.pelleys.com -Original Message- From: [

Re: Problems with logwatch detail

2002-12-17 Thread Javier Gostling
On Tue, Dec 17, 2002 at 07:50:20AM -0800, Rick Johnson wrote: > Try grabbing the latest Logwatch from logwatch.org > > ftp://ftp.kaybee.org/pub/redhat/RPMS/noarch/logwatch-4.2.1-1.noarch.rpm > > It may do what you're looking for, but it hasn't been put through the &g

Re: Problems with logwatch detail

2002-12-17 Thread Rick Johnson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Pelley wrote: | Folks - I've just set up a Red Hat 8 box and I can't seem to get | logwatch to report the info I'm looking for. The configuration is the | same as a 7.0 box that I have running, however, I only get the foll

Problems with logwatch detail

2002-12-17 Thread Michael Pelley
Folks - I've just set up a Red Hat 8 box and I can't seem to get logwatch to report the info I'm looking for. The configuration is the same as a 7.0 box that I have running, however, I only get the following section: Connections (se

Re: Logwatch stopped working...

2002-12-06 Thread Ben Russo
Try /usr/sbin/logwatch --debug HIGH > debug.out and then read debug.out. See if you can find the problem? My logwatch (on 7.2) says: [root@mis-unix sbin]# rpm -q --requires logwatch perl textutils sh-utils grep mailx rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(CompressedFileNames) <

Logwatch stopped working...

2002-12-06 Thread clemens
Up till a few weeks ago, LOGWATCH produced page+ of output every day (most of it was complaints from sendmail about SPAM, but it also listed my connections from 'outside' via SSH). And then it stopped. My assumption is/was that this is because I had updated perl/ tk/tcl, and (most like

Re: Config of LogWatch and Cron

2002-11-23 Thread EdwardSPL
Itself" - Me, 1990 > --- > Visit Our MIDI & Digital Audio Website at http://hale.dyndns.org > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > On Behalf Of Bret Hughes > Sent: Saturday, November 23, 2002 8:14 AM > To: [EMAIL PROTECTED]

Re: Config of LogWatch and Cron

2002-11-23 Thread EdwardSPL
Bret Hughes wrote: > On Sat, 2002-11-23 at 05:21, [EMAIL PROTECTED] wrote: > > Hello, > > > > How to midify the config ( LogWatch,Cron etc ) of RedHat 7.2 ? > > Because the root account always receive mails ( report of LogWatch and > > Cron ) each day... > &

RE: Config of LogWatch and Cron

2002-11-23 Thread Jim Hale
1990 --- Visit Our MIDI & Digital Audio Website at http://hale.dyndns.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bret Hughes Sent: Saturday, November 23, 2002 8:14 AM To: [EMAIL PROTECTED] Subject: Re: Config of LogWatch and Cron On Sat,

Re: Config of LogWatch and Cron

2002-11-23 Thread Bret Hughes
On Sat, 2002-11-23 at 05:21, [EMAIL PROTECTED] wrote: > Hello, > > How to midify the config ( LogWatch,Cron etc ) of RedHat 7.2 ? > Because the root account always receive mails ( report of LogWatch and > Cron ) each day... > I want to reset the default time to delay... >

Config of LogWatch and Cron

2002-11-23 Thread EdwardSPL
Hello, How to midify the config ( LogWatch,Cron etc ) of RedHat 7.2 ? Because the root account always receive mails ( report of LogWatch and Cron ) each day... I want to reset the default time to delay... So, can you help me ? Thanks ! Edward. -- redhat-list mailing list unsubscribe mailto

About the problem of LogWatch and Cron

2002-11-22 Thread EdwardSPL
Hello, The Redhat system is 7.2 Alway receive more the report emails from root about logwatch and cron... So, how can I change the time to receive the email about report of logwatch and cron only each week or each month ? Thank for your help ! Edward. -- redhat-list mailing list

Re: HOWTO Remove Cron in Logwatch

2002-08-11 Thread Tom Pollerman
On Sun, 11 Aug 2002 08:43:02 -0400 (EDT) Joe Giles wrote: > > I found the files... So, basically, I can just remove (move) the > file out of the services directory and this will take care of it? > The preferred method is to list the Services that you want Logwatch to monitor i

Re: HOWTO Remove Cron in LogWatch

2002-08-10 Thread Joe Giles
tary question, so please for give me :) > > > > How would you remove a cron job from listing in LOGWATCH? > > > > I run a cron job every minute and my daily logwatch report is RATHER > > LARGE. > > > > I have entered > /dev/null after the job, but it

Re: HOWTO Remove Cron in LogWatch

2002-08-10 Thread Tom Pollerman
On Sat, 10 Aug 2002 16:58:03 -0400 (EDT) Joe Giles wrote: > > List, > > This is probobly an elementary question, so please for give me :) > > How would you remove a cron job from listing in LOGWATCH? > > I run a cron job every minute and my daily logwatch report i

HOWTO Remove Cron in LogWatch

2002-08-10 Thread Joe Giles
List, This is probobly an elementary question, so please for give me :) How would you remove a cron job from listing in LOGWATCH? I run a cron job every minute and my daily logwatch report is RATHER LARGE. I have entered > /dev/null after the job, but it still lists in the CRON log. How

Re: weird logwatch sendmail message

2002-07-28 Thread Duncan Hill
On Sat, 27 Jul 2002, Chet Nichols III wrote: > Hey, > > In the sendmail portion of my LogWatch, I've gotten this a couple times > lately..not sure what it means, and if I should be worried at all, and why > it's happening. Here's the message: > > Authe

weird logwatch sendmail message

2002-07-27 Thread Chet Nichols III
Hey, In the sendmail portion of my LogWatch, I've gotten this a couple times lately..not sure what it means, and if I should be worried at all, and why it's happening. Here's the message: Authentication warnings: apache set sender to [EMAIL PROTECTED] using -f: 1 Times(s) A

Re: odd logwatch behaviour

2002-07-17 Thread Michael Fratoni
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday 17 July 2002 01:36 pm, daniel wrote: > but today i logged into the machine through ssh (only port 22 is open) > and checked my mail to find that logwatch had built up a considerable > list of emails... but here's the hitc

odd logwatch behaviour

2002-07-17 Thread daniel
time. but today i logged into the machine through ssh (only port 22 is open) and checked my mail to find that logwatch had built up a considerable list of emails... but here's the hitch: it sent me an email every day EXCEPT monday and tuesday... is that normal? the emails i _did_ f

Fwd: LogWatch for garyh.ringways.co.uk

2002-07-15 Thread Gary Stainburn
Hi all, After upgrading from RH72 to RH73 I got this message. To the best of my knowledge, everything seems to be working so can anyone tell me what the following indicates, and how I can fix the problems. -- Forwarded Message -- Subject: LogWatch for garyh.stainburncom

Re: logwatch message that i don't understand

2002-07-12 Thread Francisco Neira
Banze, Andreas wrote: >>Well, in fact I received the "Don't panic" message from logwatch this >>morning. After checking Google I found that the message is a >>signature >>left by scanssh as noted in >>http://www.der-keiler.de/Mailing-Lists/sec

RE: logwatch message that i don't understand

2002-07-11 Thread Banze, Andreas
nice). Even the "normal" documentation sometimes lack the information you are looking for (the -bs is something I didn't find at sendmail.org). So the only way seems to be to consult the docs of the application that causes these log entries (seems reasonable, logwatch merely colle

RE: logwatch message that i don't understand

2002-07-11 Thread Banze, Andreas
> Well, in fact I received the "Don't panic" message from logwatch this > morning. After checking Google I found that the message is a > signature > left by scanssh as noted in > http://www.der-keiler.de/Mailing-Lists/securityfocus/incidents /2001-12/0244.ht

Re: logwatch message that i don't understand

2002-07-11 Thread Ed Wilts
On Thu, Jul 11, 2002 at 09:24:57AM -0700, daniel wrote: > i got this in my logwatch email to root the other day: > > g68B22hG013075: g68B24hG013077: DSN: User unknown The cryptic number is the sendmail message ID. You can grep your maillog for all occurrences of this string

Re: logwatch message that i don't understand

2002-07-11 Thread Francisco Neira
ck? > >thanks for the info people. > > > > Hi all, Well, in fact I received the "Don't panic" message from logwatch this morning. After checking Google I found that the message is a signature left by scanssh as noted in http://www.der-keiler.de/Mailing-Lists/securi

Re: logwatch message that i don't understand

2002-07-11 Thread daniel
| > most notably the 'unmatched entries' in things like sendmail, | > proftpd and sshd are bothering me. | | Then logwatch is probably not what you want, disable it if you like i didn't mean 'bothering me' in the sense that i wish they would go away. i'

RE: logwatch message that i don't understand

2002-07-11 Thread Banze, Andreas
> i got this in my logwatch email to root the other day: > g68JKQpm001168: Authentication-Warning: mydomain.com: myuser > owned process > doing -bs > what's a -bs? a sendmail commandline parameter used by programs like pine to send mail. If the sender is not a trusted

logwatch message that i don't understand

2002-07-11 Thread daniel
i got this in my logwatch email to root the other day: - sendmail Begin 13537 bytes transferred 10 messages sent **Unmatched Entries** g68B22hG013075: g68B24hG013077: DSN: User unknown g68B24hG013077: g68B24hH013077: return to sender: User unknown

Re: odd named entries in LogWatch

2002-07-02 Thread Chet Nichols
example the domain > neo.RR.com is delegated to 65.24.0.169 but that server is not > authoritative for that zone. > There is nothing you can do about it unless you know the admins of > those domains. > > Ben > >> Hey there, >> >> I've got 7.2 with named ru

Re: odd named entries in LogWatch

2002-07-02 Thread Chet Nichols
example the domain > neo.RR.com is delegated to 65.24.0.169 but that server is not > authoritative for that zone. > There is nothing you can do about it unless you know the admins of > those domains. > > Ben > >> Hey there, >> >> I've got 7.2 with named ru

Re: odd named entries in LogWatch

2002-07-02 Thread Ben
of those domains. Ben >Hey there, > >I've got 7.2 with named running. In the LogWatch I get a couple times a day >(or once a day), I've been noticing lately some weird activity under the >'named' section of the log..here's what I keep seeing: > >**

odd named entries in LogWatch

2002-07-01 Thread Chet Nichols
Hey there, I've got 7.2 with named running. In the LogWatch I get a couple times a day (or once a day), I've been noticing lately some weird activity under the 'named' section of the log..here's what I keep seeing: **Unmatched Entries** lame server resolving '9

Re: LogWatch secure-log messages

2002-04-01 Thread Emmanuel Seyman
On Mon, Apr 01, 2002 at 04:03:03PM -0800, Patrick Nelson wrote: > > OK just did this... know of a quick way to test? Checking /var/log/messages to see if the line that logwatch reports shows up again should do it. Emmanuel ___ Redhat-list m

RE: LogWatch secure-log messages

2002-04-01 Thread Patrick Nelson
Emmanuel Seyman wrote: - what would you suggest I change? Add this line to /etc/hosts.allow: fam: 127.0.0.1 - OK just did this... know of a quick way to test? ___ Redhat-list mailing list [EMAIL PROTECTED] htt

Re: LogWatch secure-log messages

2002-04-01 Thread Emmanuel Seyman
On Mon, Apr 01, 2002 at 03:21:10PM -0800, Patrick Nelson wrote: > > what would you suggest I change? Add this line to /etc/hosts.allow: fam: 127.0.0.1 Emmanuel ___ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listin

RE: LogWatch secure-log messages

2002-04-01 Thread Patrick Nelson
Emmanuel Seyman wrote: - > Mar 28 16:05:28 nea sshd[795]: received signal 15; terminating. > Mar 28 16:12:25 nea sshd[780]: Server listening on 0.0.0.0 port 22. Ssh is running on your machine. > Mar 28 16:13:54 nea xinetd[1296]: FAIL: sgi_fam libwrap from=0.0.0.0 sgi_fam can

Re: LogWatch secure-log messages

2002-04-01 Thread Emmanuel Seyman
On Sun, Mar 31, 2002 at 10:28:39PM -0800, Patrick Nelson wrote: > > Mar 28 16:05:28 nea sshd[795]: received signal 15; terminating. > Mar 28 16:12:25 nea sshd[780]: Server listening on 0.0.0.0 port 22. Ssh is running on your machine. > Mar 28 16:13:54 nea xinetd[1296]: FAIL: sgi_fam libwrap fro

LogWatch secure-log messages

2002-03-31 Thread Patrick Nelson
RH72 with all latest updates and Ximian gnome. I get these daily logwatch emails and in them there is a strange entry that I'm not sure the meaning of. I searched for documentation on it but fail to see if this is anything to be concerned about. Mar 28 16:05:28 nea sshd[795]: received s

LogWatch

2002-01-06 Thread pochy
Hello every body, I just have a quit "Q". I`m getting in every mail that LogWatch send to the root user this message: - sendmail Begin 2339 bytes transferred 2 messages sent **Unmatched Entries** My unqualified host name (Dedo) unknown

Re: Logwatch vs Logcheck

2001-11-27 Thread Devon
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tuesday 27 November 2001 06:12 pm, Peter Kiem wrote: > Hi Bob, > > > Logwatch does not have all the features of Logcheck. Anyone > > running Logcheck on 7.0 or later versions of Red Hat? > > Red Hat 7.1 machine: > >

Re: Logwatch vs Logcheck

2001-11-27 Thread Bob Staaf
> Hi Bob, > > > Logwatch does not have all the features of Logcheck. Anyone > > running Logcheck on 7.0 or later versions of Red Hat? > > Red Hat 7.1 machine: > > # rpm -q logcheck > logcheck-1.1.1-1 > > -- Peter, I went ahead and downloaded log

Re: Logwatch vs Logcheck

2001-11-27 Thread Peter Kiem
Hi Bob, > Logwatch does not have all the features of Logcheck. Anyone > running Logcheck on 7.0 or later versions of Red Hat? Red Hat 7.1 machine: # rpm -q logcheck logcheck-1.1.1-1 -- Regards, +---+-+ | Peter Kiem|

Re: Logwatch vs Logcheck

2001-11-27 Thread Leonard den Ottolander
Hi Bob, > I noticed that although Red Hat never officially > supported logwatch it was available for download and through > RHN for 6.2. Now with 7.0 and on it appears that only > Logwatch is available through those channels. Any > particular reason

Logwatch vs Logcheck

2001-11-27 Thread Bob Staaf
Hello all, I noticed that although Red Hat never officially supported logwatch it was available for download and through RHN for 6.2. Now with 7.0 and on it appears that only Logwatch is available through those channels. Any particular reason for the switch? I prefer Locheck over

Re: LogWatch 2.1.1 Begin

2001-11-08 Thread Mike Burger
MAIL/EXPN/VRFY/ETRN are not POP3 commands...they're SMTP commands. Your MTA (Sendmail, Postfix, whichever) is generating that line. The first error is telling you that there is an error on line 8. You might want to just erase line 8 and re-enter it. Another thing to note is that if you don't

logrotate - HUH?! - logwatch, also

2000-06-21 Thread Burke, Thomas G.
he only directory this seems to occur in... How do I fix it? Also, I notice that logwatch is leaving a lot of fallout in my /tmp directory... If I erase all this stuff, will it "break" logwatch? -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.

Re: logwatch logs (!?)

2000-06-09 Thread Mikkel L. Ellertson
On Fri, 9 Jun 2000, Burke, Thomas G. wrote: > I noticed this in my logwatch logs last night, & I'vr never seen this > particular thing in them before. Could someone please explain? (I've > checked cron.hourly, & there's nothing in there)... > > Thanks.

Re: logwatch logs (!?)

2000-06-09 Thread Robert Glover
> I noticed this in my logwatch logs last night, & I'vr never seen this > particular thing in them before. Could someone please explain? (I've > checked cron.hourly, & there's nothing in there)... > > Thanks. >

logwatch logs (!?)

2000-06-09 Thread Burke, Thomas G.
I noticed this in my logwatch logs last night, & I'vr never seen this particular thing in them before. Could someone please explain? (I've checked cron.hourly, & there's nothing in there)... Thanks. ## LogWatch 1.6.6 Begin # ---

Re: logwatch scripts and attacks

2000-02-15 Thread Todd A. Jacobs
On Tue, 15 Feb 2000, Alan Mead wrote: > logwatch filter for portsentry? Or should I switch to another > logwatch (like psionic's)? I've had excellent results with psionic's. -- Todd A. Jacobs Network Systems Engineer -- To unsubscribe: mail [EMAIL PROTECTED] with

Re: logwatch scripts and attacks

2000-02-15 Thread [EMAIL PROTECTED]
Psionics logcheck is an excellent program. It puts portsentry attacks at top of the list with email title of ATTACK ALERT. Try it out. Kirk At 11:38 AM 2/15/00 -0600, you wrote: >Apparently the logwatch that ships with Red Hat is no longer being >supported or developed (or I've no

logwatch scripts and attacks

2000-02-15 Thread Alan Mead
Apparently the logwatch that ships with Red Hat is no longer being supported or developed (or I've not found the right list/web site). I'd like to scan my logs for portsentry attack alerts. I'm doing this now with a really simple script but it's a messy solution.

Odd message from Logwatch

1998-06-05 Thread Paul Pettit
Recently I have been getting odd messages in one servers secure log. It is being reported by Logwatch as follows: Errors: Service in.identd: cannot execute /usr/sbin/in.identd: No such file or directory: 17 Time(s) I thought that maybe I had missed something when I had updated the