[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

ftp xferlog is missing in Logwatch

Posted on 2004-07-30
7
Medium Priority
?
731 Views
Last Modified: 2012-06-21
I have logwatch (the latest version 5 ) installed in my Red Hat 9 and I receive the logwatch email everyday.

However the ftp xferlog (files that are uploading and downloading by users) is missing:

ie the following is missing:
 --------------------- ftpd-xferlog Begin ------------------------

TOTAL KB IN: 3188KB (3MB)

Incoming User FTP Transfers:
   123.123.123.1 -> /home/usr/public_html/something.jpg (User: usr)

I have already set Detail = High in the logwatch conf file but doesn't work.  How to fix this problem?
0
Comment
Question by:skinnyp
  • 3
  • 2
6 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11687563
depending on your ftpd verison, you need to use speicial options when starting ftpd, probably -d
0
 

Author Comment

by:skinnyp
ID: 11718110
I'm using pureftp.  When I changed to proftpd I can get the ftp info from logwatch.  If using pureftp I won't get any ftp info.  I do, however when manually check at /var/log/xferlog

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11720048
as said before, you need to pass an option to ftp, logwatch just checks what had been written to the logfile
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 

Author Comment

by:skinnyp
ID: 11725315
How to pass the option to ftp? Which configuration has to be modified? And how?
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 2000 total points
ID: 11729081
depends on how ftpd is started.
Most likely it's started via inetd, then you need to edit /etc/inetd.conf.
Sometimes it's started via rc-script, then edit the corresponding script (in /etc/init.d usually)
0
 
LVL 97

Expert Comment

by:war1
ID: 15874158
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:
Accept: ahoffmann (#11729081)

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

war1
EE Cleanup Volunteer
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
There's never been a better time to become a computer scientist. Employment growth in the field is expected to reach 22% overall by 2020, and if you want to get in on the action, it’s a good idea to think about at least minoring in computer science …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Get the source code for a fully functional Access application shell with several popular security features that Access VBA application developers desire, but find difficult or impossible to figure out how to code. You get the source code for managi…
Suggested Courses

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question