Logwatch Broke Today
Jul 28, 2008
I logged into my email to check for my nightly logwatch report (at 12am).
Nothing.
So I log into ssh and manually run it, get greeted with this:
You have old files in your logwatch tmpdir (/var/cache/logwatch):
logwatch.zcTV3hC0
The directories listed above were most likely created by a
logwatch run that failed to complete successfully. If so, you
may delete these directories.
I last ran logwatch around 10:30pm, it worked fine.
I try to run logwatch again, same error.. except now there's another temp file showing beneath the first.
I go ahead and delete both of them, run logwatch again...it worked. I also got the other reports from when I tried running logwatch manually and was stopped with this error.
I've never had this happen before, so I'm curious as to what caused it? Logwatch is in cron.daily and has never missed a single report.
Just typical data corruption (as can happen with any computer file) or could something have interfered with its processing at 12?
View 2 Replies
ADVERTISEMENT
Jun 5, 2008
i cant seem to download logwatch anymore
is there any site keeping archive of logwatch available for download?
or is there any alternative to logwatch?
View 7 Replies
View Related
Aug 6, 2007
Warning!
This is a very positive--well, basically a rave--about my experience with a web hosting service today.
Please, read no further if you only like to focus on the negative in life!
After being with relio.com for about a year and a half, turns out I needed help transitioning some domains to a new account. And turns out, weberz.com is now who I have to contact for support because they bought relio. Turns out there were some things I just couldn't do for myself, and I ended up on the phone with Rob, the system admin today. Talk about great help! He stayed on the phone, patiently working through all of my issues until they were resolved. Afterwards I decided to poke through their support forums to learn more about a company that has this level/quality of service, and I was even more confident that I am with a good web hosting service that can grow with me over time.
View 14 Replies
View Related
Feb 7, 2008
I was reading through my logs and came across about 100 attempts to login to my server via ssh. They were all blocked, but should I get these IPs blacklisted or what? I've already blocked em from the server, but should I try and blacklist them?
View 7 Replies
View Related
Oct 15, 2007
After all the exploration I decided order from LiquidWeb..
I am really excited .
I am gonna order today...will report how it all went!
View 14 Replies
View Related
Jun 25, 2008
I used to recommend Hostway.com to other companies, as they host our eCommerce site as a shared hosting site and their uptime and customer service were very good.
But, NEVER AGAIN. Today, they have been down ALL DAY since around 10:30 am (they would not give me the exact time) and so has our business site! I called twice and the wait time the first time for a tech support person was over 1 hour! IN-FRIGGING-CREDIBLE! The 2nd call a few hours later was at least a 45 minute wait.
The answer I got was that they had a hard drive crash and my site is unlucky enough to live on that drive. Understandable, but their explanation that it takes ALL DAY to restore a hard drive from tape is incredible (or havent they heard of RAID systems??). In any case, our site came back up for a few minutes and is back down again. Downtime since 10:30 or so is approaching 6 hours now!
So, I will no longer recommend HOSTWAY to anyone for any reason. The incredible wait times on the phone line are ridiculous and we have lost $$$ today due to this outage and associated loses from adwords, too.
Finally, it seems that Hostway's other problem is that they are trying to offer too many other kinds of services besides just hosting (which they used to be good at), and now they suck at their core basic service. That's my two cents.
Any recommendations for a replacement hosting service that is reliable and well known?
I think I pay about $50/3 months for Hostway.
View 8 Replies
View Related
May 17, 2009
suphp and spent the better part of the day configuring a new server and then upgrading it to suphp in preparation for a migration next week.
However, I broke the links to var/www/html in the process and I don't know at what point it broke to know how to fix it.
I have a couple of links that usually work to this directory:
lax.powermonster.net/test.bin
and
[url]
Both of which now come up to a 404 error from my main site: powermonster.net.
View 12 Replies
View Related
Jun 22, 2008
I backed a system up with rsync, and just used rsync to copy it into a new machine... I just backed up / to my home directory on another machine, and then 'extracted' it to / on the new machine.
But now everything (and I mean everything) is owned by "matt", my user on the intermediate machine. I rebooted the system to get it to boot the new stuff without realizing this, and now it's not booting... Since /etc/passwd, /bin/bash, etc. aren't owned by root.
Any tips on where to go from here? As I said, it's a brand-new machine (VM, actually: even better!), so re-imaging is a solution, but I'd still have to copy the data back over. Reinstalling is a pain, though, so if there's a simple fix, I'd prefer that. I've got pygrub installed as a boot manager for the VM, but I can't for the life of me figure out how to get into single-user mode. (Nor am I sure that a "cd /; chown -R root" will have the desired effect?)
View 2 Replies
View Related
Mar 20, 2007
I ran Hijack this and fixed a few errors it listed in a Windows 2003 Server. I rebooted the server, but now when I attempt to login via remote desktop it logs in, but then immediately logs me out.
I am guessing HiJackThis deleted a required dll or .exe needed for Terminal Services. Do you guys have any idea how I can restore this, and undo what hijackthis did?
View 3 Replies
View Related
Jun 2, 2007
I searched the forum, couldn't find this issue. One user cannot log into their horde. They said they just kept being taken back to the login page.
So I got their cpanel login and logged in myself. The same thing happened to me when I tried to get into horde.
I use webmail on the same server and don't have that issue in my own account, and I haven't received any other complaints.
I repaired horde database, reset horde, and updated horde. None of those fixed the issue. what is wrong with this one account?
View 5 Replies
View Related
Dec 1, 2007
I just ran a simple yum update php on the server, because I need to be running 5.2 instead of 5.1.6
The update went smoothly, so I restarted httpd, and all hell broke loose. Apache can't start because of a whole lot of missing modules. So I commented out every single LoadModule line to see if that would get it to start, and it started complaining about the configuration file of some other software being incorrect (because that configuration file pointed to some module that no longer exists)
At one point I was able to get apache to start, I believe by copying my old configuration file to httpd.conf and then commenting out some lines that it was complaining about. Apache started, but no pages were loading.
So right now, basically, I've got no web service running at all on the server. I really didn't expect all of these problems for a simple PHP update, but obviously I was mistaken.
Is it worth trying to fix this myself (intermediate linux user here) or would it just be easier to hire someone to come in and do it for me?
View 4 Replies
View Related
Jul 16, 2014
According to de Plesk Administrator Guide and according to the kb article: [URL] ...., Plesk Panel is suitable to enable multiple php versions After I performed the steps mentioned in the kb article, all seemed fine until somehow php-cgi and php-fcgi broke down after
Code:
# service httpd restart
After this event, all websites hosted on this particular the server only work running php as an apache module.
I am running Pleks Panel 12.0.18 #7 on top of CenOs 6.5 on this particular server, which means php version 5.3.3 is installed by default. PHP 5.3.3 also is was the php version for the "custom: false" php handlers (id's: cgi, fastcgi, module). Somehow all php handlers look like this:
Code:
# /usr/local/psa/bin/php_handler --list
id: display name: full version: version: type: cgi-bin: php-cli: php.ini: custom:
cgi 5.5.13 5.5.13 5.5 cgi /usr/bin/php-cgi /etc/php.ini false
fastcgi 5.5.13 5.5.13 5.5 fastcgi /usr/bin/php-cgi /etc/php.ini false
[Code]....
View 7 Replies
View Related
Oct 24, 2008
servage.net is Broke down?... NO Dummy! They just changed their business to be SCAM
I am writing this to just let other friends here to be aware of this scam, they used to be host providers and now they've just become SCAM.
So my experience story goes like this:
Some days ago I ordered a 6month plan and paid by VCC, And got an email from them saying that my order is declined due to VCC not charged so I checked the balance of VCC and just knew that my poor little VCC is charged 45$ by this Green Giant named servage, So I let them know asap, I emailed back and told them to re-check and now it is days (5 days actually) that I am sending daily mails to Mr.Servage Scam and All I've gotten to now is nothing (actualy they don't respond anymore) wish they be alive at least (is it war or something running in their country? )
I really got disappointed at them I thought that since they have been in business for some time they can be reliable (at least at selling), However I just wrote back in here to let others know that servage.net is actually broke down or at least changed his hosting business to become a fast reliable scam (perhaps more profitable, who knows?)
All I wanted was a simple sweat hosting plan for my friend.
BTW If any of servage.net staff is here: Hey man that's not necessary to do illegal actions! Let's face it you need money? right? OK just put a donation button in the homepage and take my word on this always some good people exist out there to donate some bucks to you ( I will donate you too ), just don't be like this, this is shame.
I'm thinking over filling a dispute against them right now. Who know perhaps some days they respond back (At least I can re-check my email every day till next 50 years)
View 11 Replies
View Related
Jun 1, 2008
i am getting these in Logwatch 7.3.2
--------------------- Named Begin ------------------------
**Unmatched Entries**
client 193.220.62.4 error sending response: host unreachable: 1 Time(s)
client 200.4.59.195 error sending response: host unreachable: 3 Time(s)
client 201.143.242.67 error sending response: host unreachable: 1 Time(s)
client 208.254.9.236 error sending response: host unreachable: 1 Time(s)
client 213.85.189.1 error sending response: host unreachable: 8 Time(s)
client 222.113.142.168 error sending response: host unreachable: 1 Time(s)
client 61.109.163.138 error sending response: host unreachable: 1 Time(s)
client 61.4.218.51 error sending response: host unreachable: 1 Time(s)
client 62.179.104.208 error sending response: host unreachable: 1 Time(s)
client 67.210.12.107 error sending response: host unreachable: 1 Time(s)
client 78.4.45.16 error sending response: host unreachable: 4 Time(s)
client 80.237.128.135 error sending response: host unreachable: 1 Time(s)
client 85.106.233.213 error sending response: host unreachable: 1 Time(s)
client 91.121.143.168 error sending response: host unreachable: 1 Time(s)
---------------------- Named End -------------------------
i have apf firewall installed
View 0 Replies
View Related
Feb 22, 2007
I am thinking of installing Logwatch on my cPanel/WHM VPS
Does it take a lot of resources to run?
Does it run once a day only or is it running all the time?
View 1 Replies
View Related
Apr 15, 2007
I recentlt receive this log from server:
--------------------- httpd Begin ------------------------
0.00 MB transfered in 20 responses (1xx 0, 2xx 6, 3xx 0, 4xx 14, 5xx
0)
14 Content pages (0.00 MB),
6 Other (0.00 MB)
A total of 1 unidentified 'other' records logged
GET /w00tw00t.at.ISC.SANS.DFind HTTP/1.1 with response code(s) 6
400 responses
--------------------- Named Begin ------------------------
**Unmatched Entries**
client 209.200.168.66 bad zone transfer request: './IN':
non-authoritative zone (NOTAUTH): 1 Time(s)
notify question section contains no SOA: 1 Time(s)
Does that mean someone was trying break into the server or something?
View 4 Replies
View Related
Apr 3, 2009
I've been tasked with developing a default Logwatch configuration for a few dozen servers that will email their findings to a ticketing system. I was hoping to find insight here from users who are using Logwatch similarly. If you have Logwatch emailing a ticket system, I'd love to hear about your custom configs...
View 4 Replies
View Related
Aug 2, 2008
Quote:
Requests with error response codes
400 Bad Request
200: 1 Time(s)
400: 1 Time(s)
401 Unauthorized
/: 2 Time(s)
404 Not Found
/user/soapCaller.bs: 2 Time(s)
I am a bit confused about this. Is logwatch telling me a 400 request also served a 200?
View 2 Replies
View Related
Oct 29, 2007
Just got logwatch installed but config file appears to be blank?
wget ftp://ftp.kaybee.org/pub/redhat/RPMS...6-1.noarch.rpm
rpm -Uvh logwatch-7.3.6-1.noarch.rpm
rm -rf logwatch-7.3.6-1.noarch.rpm
pico -w /etc/logwatch/conf/logwatch.conf
This is what the config file shows:
# Local configuration options go here (defaults are in /usr/share/logwatch/defa$
I then look at that file and it's empty too.
Isnt there suppose to be config lines a file that I can alter to set my email address and stuff?
View 3 Replies
View Related
Jul 26, 2007
##################################################################
--------------------- Selinux Audit Begin ------------------------
Number of audit daemon stops: 4
**Unmatched Entries**
Error sending failure mode request (Connection refused)
Unable to set audit pid, exiting
Cannot daemonize (Success)
Error sending failure mode request (Connection refused)
Error sending failure mode request (Connection refused)
Unable to set audit pid, exiting
Cannot daemonize (Success)
Error sending failure mode request (Connection refused)
---------------------- Selinux Audit End -------------------------
--------------------- Cron Begin ------------------------
Commands Run:
User *system*:
personal crontab reloaded: 2 Time(s)
User agadirnet:
personal crontab listed: 1 Time(s)
User dafatir:
personal crontab listed: 1 Time(s)
User drweb:
/opt/drweb/update.pl: 37 Time(s)
User kari:
personal crontab listed: 1 Time(s)
User karicom:
personal crontab listed: 1 Time(s)
User kastala:
personal crontab listed: 1 Time(s)
User mailman:
/usr/lib/mailman/cron/checkdbs: 1 Time(s)
/usr/lib/mailman/cron/disabled: 1 Time(s)
/usr/lib/mailman/cron/gate_news: 223 Time(s)
/usr/lib/mailman/cron/nightly_gzip: 1 Time(s)
User root:
/opt/php51/bin/php5
/usr/local/sitebuilder/utils/clear_trial_sites.php > /dev/null 2>&1: 19
Time(s)
/opt/php51/bin/php5 /usr/local/sitebuilder/utils/sip1.php >
/dev/null 2>&1: 1 Time(s)
/opt/php51/bin/php5 /usr/local/sitebuilder/utils/sip2.php >
/dev/null 2>&1: 1 Time(s)
/opt/php51/bin/php5 /usr/local/sitebuilder/utils/update_key.php >
/dev/null 2>&1: 1 Time(s)
/usr/local/psa/admin/sbin/backupmng >/dev/null 2>&1: 74 Time(s)
/usr/local/psa/libexec/modules/watchdog/cp/clean-events: 1
Time(s)
/usr/local/psa/libexec/modules/watchdog/cp/clean-sysstats: 1
Time(s)
/usr/local/psa/libexec/modules/watchdog/cp/pack-sysstats day: 1
Time(s)
/usr/local/rtm/bin/rtm 40 >/dev/null 2>/dev/null: 1116 Time(s)
/usr/local/sbin/bfd -q: 112 Time(s)
/usr/sbin/ntpdate -b -s 213.186.33.99: 1 Time(s)
run-parts /etc/cron.daily: 1 Time(s)
run-parts /etc/cron.hourly: 18 Time(s)
CRON Restarted 2 Time(s)
---------------------- Cron End -------------------------
--------------------- httpd Begin ------------------------
0.07 MB transferred in 211 responses (1xx 0, 2xx 26, 3xx 173, 4xx 12,
5xx 0)
148 Images (0.00 MB),
62 Content pages (0.07 MB),
1 Other (0.00 MB)
Requests with error response codes
400 Bad Request
/vb/Juice/images/editor/bold.gif: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind: 1 Time(s)
404 Not Found
/admin/phpmyadmin/main.php: 1 Time(s)
[url]
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
2 Time(s): PrefPort:A RlmtMode:Check Link State
2 Time(s): Virtual Wire compatibility mode.
2 Time(s): autonegotiation: yes
2 Time(s): duplex mode: full
2 Time(s): flowctrl: none
2 Time(s): ide0: BM-DMA at 0xfc00-0xfc07, BIOS settings: hda:pio,
hdb:pio
2 Time(s): ide1: BM-DMA at 0xfc08-0xfc0f, BIOS settings: hdc:pio,
hdd:pio
2 Time(s): irq moderation: disabled
2 Time(s): rx-checksum: disabled
2 Time(s): scatter-gather: disabled
2 Time(s): speed: 100
2 Time(s): tx-checksum: disabled
1 Time(s): pIII_sse : 4821.000 MB/sec
1 Time(s): pIII_sse : 4822.000 MB/sec
2 Time(s): IO window: e000-efff
2 Time(s): MEM window: fbf00000-fbffffff
2 Time(s): PREFETCH window: 20000000-200fffff
2 Time(s): Type: Direct-Access ANSI SCSI
revision: 05
2 Time(s): Vendor: ATA Model: Hitachi HDS72168 Rev: P21O
2 Time(s): BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
2 Time(s): BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
2 Time(s): BIOS-e820: 00000000000e6000 - 0000000000100000 (reserved)
2 Time(s): BIOS-e820: 0000000000100000 - 000000001f7b0000 (usable)
2 Time(s): BIOS-e820: 000000001f7b0000 - 000000001f7c0000 (ACPI data)
2 Time(s): BIOS-e820: 000000001f7c0000 - 000000001f7f0000 (ACPI NVS)
2 Time(s): BIOS-e820: 000000001f7f0000 - 000000001f800000 (reserved)
2 Time(s): BIOS-e820: 00000000ffb80000 - 0000000100000000 (reserved)
2 Time(s): sda: sda1 sda2 sda3
2 Time(s): ..TIMER: vector=0x31 apic1=0 pin1=2 apic2=0 pin2=0
2 Time(s): 0MB HIGHMEM available.
2 Time(s): 3ware 9000 Storage Controller device driver for Linux
v2.26.02.007.
2 Time(s): 3ware Storage Controller device driver for Linux
v1.26.02.001.
2 Time(s): 503MB LOWMEM available.
2 Time(s): ATA: abnormal status 0x7F on port 0xD407
2 Time(s): Adding 522104k swap on /dev/sda3. Priority:-1 extents:1
across:522104k
2 Time(s): Allocating PCI resources starting at 20000000 (gap:
1f800000:e0380000)
2 Time(s): BIOS-provided physical RAM map:
2 Time(s): Brought up 1 CPUs
2 Time(s): Built 1 zonelists. Total pages: 128944
2 Time(s): CPU0: Intel P4/Xeon Extended MCE MSRs (24) available
2 Time(s): CPU0: Intel(R) Pentium(R) 4 CPU 3.00GHz stepping 09
2 Time(s): CPU: L2 cache: 1024K
2 Time(s): CPU: Physical Processor ID: 0
2 Time(s): CPU: Trace cache: 12K uops, L1 D cache: 16K
1 Time(s): Calibrating delay using timer specific routine.. 5989.49
BogoMIPS (lpj=11978986)
1 Time(s): Calibrating delay using timer specific routine.. 5989.50
BogoMIPS (lpj=11979013)
2 Time(s): Checking 'hlt' instruction... OK.
2 Time(s): Checking if this processor honours the WP bit even in
supervisor mode... Ok.
2 Time(s): Compat vDSO mapped to ffffe000.
2 Time(s): Console: colour VGA+ 80x25
2 Time(s): Copyright (c) 1999-2005 LSI Logic Corporation
2 Time(s): Copyright (c) 1999-2006 Intel Corporation.
2 Time(s): DMI 2.3 present.
2 Time(s): Dentry cache hash table entries: 65536 (order: 6, 262144
bytes)
1 Time(s): Detected 2992.767 MHz processor.
1 Time(s): Detected 2992.772 MHz processor.
2 Time(s): Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
2 Time(s): ENABLING IO-APIC IRQs
2 Time(s): EXT3 FS on sda1, internal journal
2 Time(s): EXT3 FS on sda2, internal journal
2 Time(s): EXT3-fs: INFO: recovery required on readonly filesystem.
4 Time(s): EXT3-fs: mounted filesystem with ordered data mode.
2 Time(s): EXT3-fs: recovery complete.
1 Time(s): EXT3-fs: sda1: 4 orphan inodes deleted
1 Time(s): EXT3-fs: sda1: orphan cleanup on readonly fs
2 Time(s): EXT3-fs: write access will be enabled during recovery.
2 Time(s): Enabling APIC mode: Flat. Using 1 I/O APICs
2 Time(s): Enabling fast FPU save and restore... done.
2 Time(s): Enabling unmasked SIMD FPU exception support... done.
2 Time(s): ExtINT not setup in hardware but reported by MP table
2 Time(s): Freeing SMP alternatives: 20k freed
2 Time(s): Freeing unused kernel memory: 220k freed
2 Time(s): Fusion MPT SAS Host driver 3.04.01
2 Time(s): Fusion MPT SPI Host driver 3.04.01
2 Time(s): Fusion MPT base driver 3.04.01
2 Time(s): Fusion MPT misc device (ioctl) driver 3.04.01
2 Time(s): I/O APIC #2 Version 32 at 0xFEC00000.
2 Time(s): ICH5: IDE controller at PCI slot 0000:00:1f.1
2 Time(s): ICH5: chipset revision 2
2 Time(s): ICH5: not 100% native mode: will probe irqs later
2 Time(s): IP route cache hash table entries: 4096 (order: 2, 16384
bytes)
2 Time(s): IPv4 over IPv4 tunneling driver
2 Time(s): Initializing CPU#0
2 Time(s): Initializing Cryptographic API
2 Time(s): Inode-cache hash table entries: 32768 (order: 5, 131072
bytes)
2 Time(s): Intel MultiProcessor Specification v1.4
2 Time(s): Intel machine check architecture supported.
2 Time(s): Intel machine check reporting enabled on CPU#0.
2 Time(s): Intel(R) PRO/1000 Network Driver - version 7.1.9-k4-NAPI
2 Time(s): Kernel command line: auto BOOT_IMAGE=linux ro root=801 nousb
2 Time(s): Linux agpgart interface v0.101 (c) Dave Jones
2 Time(s): Linux version 2.6.18.1-xxxx-grs-ipv4-32
(root@kernel-32.ovh.net) (version gcc 3.3.5 (Debian 1:3.3.5-13)) #2 SMP
Fri Nov 3 23:04:19 CET 2006
2 Time(s): Memory: 506412k/515776k available (2860k kernel code, 8896k
reserved, 1080k data, 220k init, 0k highmem)
2 Time(s): Mount-cache hash table entries: 512
2 Time(s): NET: Registered protocol family 1
2 Time(s): NET: Registered protocol family 16
2 Time(s): NET: Registered protocol family 17
2 Time(s): NET: Registered protocol family 2
2 Time(s): Netfilter messages via NETLINK v0.30.
2 Time(s): OEM ID: ASUSTeK Product ID: APIC at: 0xFEE00000
2 Time(s): PCI quirk: region 0480-04bf claimed by ICH4 GPIO
2 Time(s): PCI quirk: region 0800-087f claimed by ICH4 ACPI/GPIO/TCO
2 Time(s): PCI->APIC IRQ transform: 0000:00:02.0[A] -> IRQ 16
2 Time(s): PCI->APIC IRQ transform: 0000:00:1f.1[A] -> IRQ 18
2 Time(s): PCI->APIC IRQ transform: 0000:00:1f.2[A] -> IRQ 18
2 Time(s): PCI->APIC IRQ transform: 0000:01:0d.0[A] -> IRQ 23
2 Time(s): PCI: Bridge: 0000:00:1e.0
2 Time(s): PCI: Enabling device 0000:00:1f.1 (0005 -> 0007)
2 Time(s): PCI: Ignore bogus resource 6 [0:0] of 0000:00:02.0
2 Time(s): PCI: Ignoring BAR0-3 of IDE controller 0000:00:1f.1
2 Time(s): PCI: PCI BIOS revision 2.10 entry at 0xf0031, last bus=1
2 Time(s): PCI: Probing PCI hardware
2 Time(s): PCI: Transparent bridge - 0000:00:1e.0
2 Time(s): PCI: Using IRQ router PIIX/ICH [8086/24d0] at 0000:00:1f.0
2 Time(s): PCI: Using configuration type 1
2 Time(s): PID hash table entries: 2048 (order: 11, 8192 bytes)
2 Time(s): Processor #0 15:4 APIC version 20
2 Time(s): Processors: 1
2 Time(s): Real Time Clock Driver v1.12ac
4 Time(s): SCSI device sda: 160836480 512-byte hdwr sectors (82348 MB)
4 Time(s): SCSI device sda: drive cache: write back
2 Time(s): SCSI subsystem initialized
2 Time(s): SGI XFS with large block numbers, no debug enabled
2 Time(s): SMP alternatives: switching to UP code
2 Time(s): Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ
sharing disabled
2 Time(s): Setting up standard PCI resources
2 Time(s): Software Watchdog Timer: 0.07 initialized. soft_noboot=0
soft_margin=60 sec (nowayout= 0)
2 Time(s): TCP bic registered
2 Time(s): TCP bind hash table entries: 8192 (order: 4, 65536 bytes)
2 Time(s): TCP established hash table entries: 16384 (order: 5, 131072
bytes)
2 Time(s): TCP reno registered
2 Time(s): TCP: Hash tables configured (established 16384 bind 8192)
2 Time(s): Time: tsc clocksource has been installed.
1 Time(s): Total of 1 processors activated (5989.49 BogoMIPS).
1 Time(s): Total of 1 processors activated (5989.50 BogoMIPS).
2 Time(s): Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
2 Time(s): Using IPI Shortcut mode
2 Time(s): VFS: Disk quotas dquot_6.5.1
2 Time(s): VFS: Mounted root (ext3 filesystem) readonly.
2 Time(s): ata1: SATA max UDMA/133 cmd 0xD400 ctl 0xD002 bmdma 0xC000
irq 18
2 Time(s): ata2.00: ATA-7, max UDMA/133, 160836480 sectors: LBA48 NCQ
(depth 0/32)
2 Time(s): ata2.00: ata2: dev 0 multi count 16
2 Time(s): ata2.00: configured for UDMA/133
2 Time(s): ata2: SATA max UDMA/133 cmd 0xC800 ctl 0xC402 bmdma 0xC008
irq 18
2 Time(s): ata_piix 0000:00:1f.2: MAP [ P0 -- P1 -- ]
2 Time(s): device-mapper: ioctl: 4.7.0-ioctl (2006-06-24) initialised:
dm-devel@redhat.com
2 Time(s): drivers/rtc/hctosys.c: unable to open rtc device (rtc0)
2 Time(s): e100: Copyright(c) 1999-2005 Intel Corporation
2 Time(s): e100: Intel(R) PRO/100 Network Driver, 3.5.10-k2-NAPI
2 Time(s): eth0: Yukon Gigabit Ethernet 10/100/1000Base-T Adapter
2 Time(s): eth0: network connection up using port A
2 Time(s): floppy0: no floppy controllers found
2 Time(s): found SMP MP-table at 000ff780
2 Time(s): ide: Assuming 33MHz system bus speed for PIO modes; override
with idebus=xx
2 Time(s): io scheduler anticipatory registered (default)
2 Time(s): io scheduler cfq registered
2 Time(s): io scheduler deadline registered
2 Time(s): io scheduler noop registered
2 Time(s): ip_conntrack version 2.4 (4029 buckets, 32232 max) - 224
bytes per conntrack
2 Time(s): ip_tables: (C) 2000-2006 Netfilter Core Team
4 Time(s): kjournald starting. Commit interval 5 seconds
2 Time(s): klogd 1.4.1, log source = /proc/kmsg started.
2 Time(s): loop: loaded (max 8 devices)
4 Time(s): md: ... autorun DONE.
4 Time(s): md: Autodetecting RAID arrays.
4 Time(s): md: autorun ...
2 Time(s): md: bitmap version 4.39
2 Time(s): md: linear personality registered for level -1
2 Time(s): md: md driver 0.90.3 MAX_MD_DEVS=256, MD_SB_DISKS=27
2 Time(s): md: multipath personality registered for level -4
2 Time(s): md: raid0 personality registered for level 0
2 Time(s): md: raid1 personality registered for level 1
2 Time(s): md: raid4 personality registered for level 4
2 Time(s): md: raid5 personality registered for level 5
2 Time(s): md: raid6 personality registered for level 6
2 Time(s): megasas: 00.00.03.01 Sun May 14 22:49:52 PDT 2006
2 Time(s): mice: PS/2 mouse device common for all mice
2 Time(s): migration_cost=0
2 Time(s): monitor/mwait feature present.
2 Time(s): mptctl: /dev/mptctl @ (major,minor=10,220)
2 Time(s): mptctl: Registered with Fusion MPT base driver
2 Time(s): raid5: automatically using best checksumming function:
pIII_sse
1 Time(s): raid5: using function: pIII_sse (4821.000 MB/sec)
1 Time(s): raid5: using function: pIII_sse (4822.000 MB/sec)
1 Time(s): raid6: int32x1 862 MB/s
1 Time(s): raid6: int32x1 863 MB/s
2 Time(s): raid6: int32x2 795 MB/s
2 Time(s): raid6: int32x4 708 MB/s
1 Time(s): raid6: int32x8 543 MB/s
1 Time(s): raid6: int32x8 544 MB/s
1 Time(s): raid6: mmxx1 1831 MB/s
1 Time(s): raid6: mmxx1 1840 MB/s
2 Time(s): raid6: mmxx2 2122 MB/s
2 Time(s): raid6: sse1x1 1057 MB/s
1 Time(s): raid6: sse1x2 1208 MB/s
1 Time(s): raid6: sse1x2 1210 MB/s
1 Time(s): raid6: sse2x1 2099 MB/s
1 Time(s): raid6: sse2x1 2101 MB/s
1 Time(s): raid6: sse2x2 2252 MB/s
1 Time(s): raid6: sse2x2 2254 MB/s
1 Time(s): raid6: using algorithm sse2x2 (2252 MB/s)
1 Time(s): raid6: using algorithm sse2x2 (2254 MB/s)
2 Time(s): scsi0 : ata_piix
2 Time(s): scsi1 : ata_piix
2 Time(s): sd 1:0:0:0: Attached scsi disk sda
4 Time(s): sda: Write Protect is off
2 Time(s): serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
2 Time(s): serio: i8042 AUX port at 0x60,0x64 irq 12
2 Time(s): serio: i8042 KBD port at 0x60,0x64 irq 1
2 Time(s): tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
2 Time(s): tun: Universal TUN/TAP device driver, 1.6
2 Time(s): using mwait in idle threads.
---------------------- Kernel End -------------------------
View 0 Replies
View Related
Jan 8, 2007
I've been getting this log watch from my server emailed to me on a daily basis. It gives me a list of all the authentification failures via SSH and other protocols. Should I be actively concerned that there's specific IP addresses consistantly trying to access my SSH account? Likewise, for any type of failed login. Should I actively block their IP address from accessing the server at all?
I've also noticed in the Connections group, there's a lot of monitoringservice.net connections -- is this normal?
Just want to make sure I'm taking an active effort on preventing my server being brought down. I mean, I have 2000+ SSHd authentication failures... seems really high.
View 3 Replies
View Related
May 5, 2009
I was searching for something else the other day and came across this (search for LogWatch on the page).
It changes the default paths for some of the log files so that they work on a cPanel/WHM server.
This will give you more reports in your daily LogWatch email - specifically, it adds exim, apache, courier and PureFTP logs.
Most tutorials only show you how to change the detail level or the email address in logwatch.conf.
So, I thought I'd share this piece of information.
I found that a few changes were necessary for my system.
So, I'll give all the steps I followed below:
1) After you have installed LogWatch, change the following in /usr/share/logwatch/default.conf/logwatch.conf :
Code:
Detail = High
MailTo = <your email address>
You can use Detail = Med if you want to reduce the details you get.
2) Add the following to /etc/logwatch/conf/override.conf (you may have to create the file):
Code:
logfiles/exim: LogFile = exim_mainlog
logfiles/http: LogFile = /usr/local/apache/logs/access_log
services/pop3: *OnlyService = cpanelpop
services/pop3: *RemoveHeaders = 1
services/pureftpd: LogFile = messages
services/pureftpd: $show_logins = 1
services/pureftpd: $show_logouts = 1
services/pureftpd: $show_new_connections = 1
So, if you are not bored reading LogWatch's daily logs and would like to increase your workload, you now know how to
How have you configured your LogWatch installation ? Or do you use something other than LogWatch?
View 0 Replies
View Related
May 24, 2008
My /var partition is getting full and most of the problem seems to be with the files in /var/cache/logwatch/ using up all the space. Can those be deleted?
View 4 Replies
View Related
May 9, 2007
I'm running out of disk space on /var and it seem /var/cache/logwatch has almost 4GB of space. Can I remove everything inside and uninstall logwatch? How do I remove logwatch from the system and any affect of the system functionality.
DirectAdmin
CentOS4.4
View 5 Replies
View Related
Oct 29, 2007
I have been receivig a huge logwatch report, seems that logwatch is not parsing the /var/log/secure file, but sending the log entries instead of any resume of it. I got thousands of lines like
Cp-Wrap: Pushing "47 GETDISKUSED pvargas lights.com.co" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 25 Time(s)
Cp-Wrap: Pushing "47 GETDISKUSED r.perez konecrans.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 69 Time(s)
Cp-Wrap: Pushing "47 GETDISKUSED r.rodriguez konecrans.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 114 Time(s)
I have upgraded to the most recent version of Logwatch with default configuration. Any ideas on what could be wrong?
View 4 Replies
View Related
May 14, 2007
Is this someone trying to gain access to the server and just trying different password or ways? The server is new with no websites hosted yet but already getting this.
Will Brute Force not take care of this?
Is this common? Any ideas?
**Unmatched Entries**
sendto(72.64.118.118): Operation not permitted: 72 time(s)
sendto(69.182.190.97): Operation not permitted: 73 time(s)
sendto(66.93.44.19): Operation not permitted: 72 time(s)
View 2 Replies
View Related
Apr 16, 2007
Does anyone have a link to some Logwatch installation instructions. There nothing on the logwatch website and not manage to find anything on here or on google.
I jusy want to set it up and have it email me every day.
I have never used rpm installs before.
View 3 Replies
View Related
Jul 17, 2007
# cd /usr/src
# wget ftp://ftp.kaybee.org/pub/linux/logwatch-7.3.6.tar.gz
# tar -xvzf logwatch-7.3.6.tar.gz
# cd logwatch*
# ./install_logwatch.sh
-bash: ./install_logwatch.sh: Permission denied
View 2 Replies
View Related
May 14, 2007
Posts have been disappearing the last 2 days on WHT. Let me try this again.
The server is new and do not have any websites setup yet. It's already getting these entries. Is this normal? Should we move to a different SSH port?
**Unmatched Entries**
sendto(72.64.118.118): Operation not permitted: 72 time(s)
sendto(69.182.190.97): Operation not permitted: 73 time(s)
sendto(66.93.44.19): Operation not permitted: 72 time(s)
View 6 Replies
View Related
Mar 11, 2015
I used a little vServer with ubuntu (turnkey) and use logwatch to be informed by email about any errors. I'm confused about the following errors from Apache:
--------------------- httpd Begin ------------------------
Requests with error response codes
404 Not Found
http://translate.google.com/gen204: 1 Time(s)
http://www.teddybrinkofski.com/ip_json.php: 1 Time(s)
503 Service Unavailable
http://www.google.com/: 1 Time(s)
---------------------- httpd End -------------------------
These errors are definetly not from my own code. I have checked that mod_proxy is disabled and i disabled also CONNECT like here described: [URL] ....
What does these errors mean and how can i disabled this?
View 4 Replies
View Related
