Solved

ftp xferlog is missing in Logwatch

Posted on 2004-07-30
7
685 Views
Last Modified: 2012-06-21
I have logwatch (the latest version 5 ) installed in my Red Hat 9 and I receive the logwatch email everyday.

However the ftp xferlog (files that are uploading and downloading by users) is missing:

ie the following is missing:
 --------------------- ftpd-xferlog Begin ------------------------

TOTAL KB IN: 3188KB (3MB)

Incoming User FTP Transfers:
   123.123.123.1 -> /home/usr/public_html/something.jpg (User: usr)

I have already set Detail = High in the logwatch conf file but doesn't work.  How to fix this problem?
0
Comment
Question by:skinnyp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11687563
depending on your ftpd verison, you need to use speicial options when starting ftpd, probably -d
0
 

Author Comment

by:skinnyp
ID: 11718110
I'm using pureftp.  When I changed to proftpd I can get the ftp info from logwatch.  If using pureftp I won't get any ftp info.  I do, however when manually check at /var/log/xferlog

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11720048
as said before, you need to pass an option to ftp, logwatch just checks what had been written to the logfile
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:skinnyp
ID: 11725315
How to pass the option to ftp? Which configuration has to be modified? And how?
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 11729081
depends on how ftpd is started.
Most likely it's started via inetd, then you need to edit /etc/inetd.conf.
Sometimes it's started via rc-script, then edit the corresponding script (in /etc/init.d usually)
0
 
LVL 97

Expert Comment

by:war1
ID: 15874158
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:
Accept: ahoffmann (#11729081)

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

war1
EE Cleanup Volunteer
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question