logwatch config
From 4.232.219.39 - 1 packet
To 69.56.194.xxx - 1 packet
Service: http (udp/80) (** IN_UDP DROP **,eth0,none) - 1 packet
From 24.13.58.51 - 4 packets
To 69.56.194.xxx - 1 packet
Service: 65506 (tcp/65506) (** IN_TCP DROP **,eth0,none) - 1 packet
To 69.56.194.xxx - 1 packet
Service: 65506 (tcp/65506) (** IN_TCP DROP **,eth0,none) - 1 packet
To 69.56.194.xxx - 1 packet
Service: 65506 (tcp/65506) (** IN_TCP DROP
To 69.56.194.xxx - 1 packet
Service: http (udp/80) (** IN_UDP DROP **,eth0,none) - 1 packet
From 24.13.58.51 - 4 packets
To 69.56.194.xxx - 1 packet
Service: 65506 (tcp/65506) (** IN_TCP DROP **,eth0,none) - 1 packet
To 69.56.194.xxx - 1 packet
Service: 65506 (tcp/65506) (** IN_TCP DROP **,eth0,none) - 1 packet
To 69.56.194.xxx - 1 packet
Service: 65506 (tcp/65506) (** IN_TCP DROP
**Unmatched Entries**
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (SKNfa-03p6-xxx.ppp11.odn.ad.jp[61.123.69.xxx]) - FTP session idle timeout, disconnected.
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (localhost[127.0.0.1]) - FTP login timed out, disconnected
server01.xxx.com (SKNfa-03p6-xxx.ppp11.odn.ad.jp[61.123.69.xxx]) - FTP session idle timeout, disconnected.
**Unmatched Entries**
Cp-Wrap[21789]: CP-Wrapper v1.2 resuming normal operations
Cp-Wrap[21789]: Pushing "32103 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32103
Cp-Wrap[21789]: CP-Wrapper terminated without error
Cp-Wrap[1559]: CP-Wrapper v1.2 resuming normal operations
Cp-Wrap[1559]: Pushing "32103 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32103
Cp-Wrap[1559]: CP-Wrapper terminated without error
Cp-Wrap[8648]: CP-Wrapper v1.2 resuming normal operations
Cp-Wrap[21789]: CP-Wrapper v1.2 resuming normal operations
Cp-Wrap[21789]: Pushing "32103 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32103
Cp-Wrap[21789]: CP-Wrapper terminated without error
Cp-Wrap[1559]: CP-Wrapper v1.2 resuming normal operations
Cp-Wrap[1559]: Pushing "32103 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32103
Cp-Wrap[1559]: CP-Wrapper terminated without error
Cp-Wrap[8648]: CP-Wrapper v1.2 resuming normal operations
i'd like to restrict logwatch to:
- Named
- PAM_pwdb
- Connections (secure-log)
- SSHD
- Disk Space
and probably kernel errors
anyone know if it's possible?
on logwatch.conf i have "Service = All", so i should probaby change it, but how can I add more than one service?
the config says:
# Maybe you only wanted reports on PAM messages, then you would use:
#Service = pam_pwdb # PAM_pwdb messages - usually quite a bit
#Service = pam_pwdb # PAM_pwdb messages - usually quite a bit
is there a way to add 4 or 5?
thanks
