Highest Voted 'logwatch' Questions - Server Fault Stack Exchange

48

votes

3 answers

What does "Normal Shutdown, Thank you for playing [preauth]" In SSH logs mean?

Recently, My SSH log summaries for my Ubuntu 12.04 servers in Logwatch have started showing entries for "11: Normal Shutdown, Thank you for playing [preauth]" along with the "11: Bye Bye [preauth]" and "11: disconnected by user" messages they had…

ssh logwatch

asked Dec 04 '13 at 16:03

Dave Stern

605
1
6
7

32

votes

6 answers

Linux: logwatch(8) is too noisy. How can I control the noise level?

Our Linux systems run logwatch(8) utility by default. On a RedHat/CentOS/SL system, Logwatch is called by the /etc/cron.daily/ cronjob, which then sends a daily email with the results. These emails have a subject like: Subject: Logwatch for…

linux monitoring syslog logwatch

asked Jul 22 '11 at 23:24

Stefan Lasiewski

22,949
38
129
184

10

votes

1 answer

Empty/Null Apache request entries in access log

This entry got logged in a Apache access log: IP ADDRESS - - [00/00/0000:00:00:00 -0000] " " 301 - "-" "-" It was detected by LogWatch as a null HTTP Response and also got marked as a successful probe.. I am curious about how this request about made…

apache-2.2 logwatch 301-redirect logging

asked May 04 '12 at 16:36

elle

113
1
6

7

votes

3 answers

Logwatch is not respecting MailFrom

I've gone through today to setup Logwatch on my server and have installed this all successfully. I've followed this guide on Digital Ocean and set the MailFrom parameter to: MailFrom = mailer@mydomain.com I'm using ssmtp to send emails using my…

email smtp email-server logwatch ssmtp

asked May 04 '16 at 06:46

James

325
2
11

7

votes

2 answers

How to change "sender:" field in the header of Logwatch emails

I changed MailFrom="" in /usr/share/logwatch/default.conf/logwatch.conf That altered "From:" in the headers, but "Sender:" is still "root@ip-xx-xx-xx-xx.domain" EC2 Linux AMI beta, Postfix is the mailer

linux postfix logwatch

asked Jun 14 '11 at 17:07

Skylervich

93
1
4

6

votes

6 answers

Including hostname in apache logwatch reports

When hosting multiple domains with apache it's useful to see the logwatch apache output with the virtual host name included, but I only get: --------------------- httpd Begin ------------------------ Requests with error response codes 400 Bad…

apache-2.2 logwatch

asked Jun 12 '09 at 08:03

Robert Munteanu

1,542
5
22
38

5

votes

1 answer

Enable & Disable Log-watch feature in Linux server

Can anyone please share the procedure how to enable & disable the log-watch feature in Linux RHEL 5 machine. Thanks in advance.

logwatch

asked Apr 15 '13 at 14:48

krish

69
1
1
2

5

votes

3 answers

Cannot run logwatch due to Date::Manip issue

I tried to run logwatch at follows [root@machine cron.daily]# ./0logwatch ERROR: Date::Manip unable to determine TimeZone. Execute the following command in a shell prompt: perldoc Date::Manip The section titled TIMEZONES describes valid…

linux centos perl timezone logwatch

asked Aug 23 '12 at 06:34

Quintin Par

4,293
10
46
72

5

votes

2 answers

/var/cache/logwatch No such file or directory at /usr/sbin/logwatch line 633

Logwatch has been working perfectly until now. I read a tutorial that you shouldnt edit the config in the default place /usr/share/logwatch Instead you should move it to /etc/logwatch So i did that and now i get this error /var/cache/logwatch No…

debian logwatch

asked May 23 '12 at 09:46

h00j

378
6
21

5

votes

4 answers

How to prevent bots from trying to guess a link on my site

My logwatch report which I installed recently shows me this: --------------------- httpd Begin ------------------------ 0.78 MB transferred in 5864 responses (1xx 0, 2xx 4900, 3xx 0, 4xx 964, 5xx 0) 160 Images (0.16 MB), 857 Content pages (0.62…

httpd http-status-code-404 logwatch

asked Mar 07 '12 at 11:28

Nikola

777
4
12
21

5

votes

5 answers

How should I deal with logs before they get to big?

I found out my disk was full today, and I freed up 10% just from deleting mostly logs from multiple websites. I, personally, like to keep logs as an archive, because I may need to look back on them for whatever reason. I'm new to administrating my…

log-files httpd logrotate logwatch

asked Jan 22 '12 at 21:53

Strawberry

1,112
4
15
27

4

votes

1 answer

Logwatch: connection attempts using mod_proxy

Today I noticed this entry in my log file: Connection attempts using mod_proxy: 175.180.113.83 -> 66.135.210.61:80: 1 Time(s) This is something I do not normally see in my logs. I have a few questions about this: What does this actually mean? Does…

apache-2.2 logging mod-proxy logwatch

asked Jul 05 '11 at 03:48

Aaron

702
2
10
19

3

votes

2 answers

Centralized logwatch

Logwatch is really useful for me, but I find it really tiresome to watch through all emails. Is there any tool or solution that centralizes all the daily reports into one, and allows to easily navigate through them? Thanks.

logwatch

asked Jan 02 '10 at 23:45

SyRenity

3,159
11
55
79

3

votes

2 answers

What Exactly Do These "Kernel Audit" Entries in Logwatch Report Mean?

I am using Debian with Logwatch installed. I would receive some strange log records on a regular basis. I searched multiple times regarding the actual meaning of the following entries but still, I have no idea what they mean: ---------------------…

linux debian kernel logwatch

asked Aug 15 '17 at 09:04

user411672

3

votes

0 answers

Why can't I get logwatch to output anything in Ubuntu?

So I installed logwatch using this guide on a Ubuntu 12.04 box. I also setup postfix and my initial intention was to add a daily cronjob to email me these reports (I have the same setup on a Debian Wheezy box and it works just fine). But somehow I…

ubuntu logwatch

asked Jul 02 '13 at 13:03

c00kiemonster

131
2

Questions tagged [logwatch]