paries
asked on
looking for help on filtering logwatch
Hello,
Does anyone know how to customize logwatch. Since upgrading to fedora logwatch now gives me to much. it seems like logwatch does not know what to do with jsp and servlet stuff.
the doc does not help me, so hopefully someone can help me
Currently in my log file i am seeing
A total of 110 sites probed the server ( i have looking in the log file and these are servlet URLS being posted to)
"POST
12.189.32.36
12.189.32.38
12.222.111.190
then i see this as well (these are also legit).
!!!! 63 possible successful probes
/jsp/menu.jsp?dir=jveydove c&lang=nul l HTTP Response 200
/jsp/menu.jsp?dir=afritz&l ang=null HTTP Response 200
/jsp/menu.jsp?dir=tamarawo lfe&lang=n ull HTTP Response 200
/jsp/menu.jsp?dir=bmckneel y&lang=nul l HTTP Response 200
So I am looking for help on how to filter these out
RP
Does anyone know how to customize logwatch. Since upgrading to fedora logwatch now gives me to much. it seems like logwatch does not know what to do with jsp and servlet stuff.
the doc does not help me, so hopefully someone can help me
Currently in my log file i am seeing
A total of 110 sites probed the server ( i have looking in the log file and these are servlet URLS being posted to)
"POST
12.189.32.36
12.189.32.38
12.222.111.190
then i see this as well (these are also legit).
!!!! 63 possible successful probes
/jsp/menu.jsp?dir=jveydove
/jsp/menu.jsp?dir=afritz&l
/jsp/menu.jsp?dir=tamarawo
/jsp/menu.jsp?dir=bmckneel
So I am looking for help on how to filter these out
RP
The upgrade probably just gave you some new filter settings, which you didn't want. You can reconfigure logwatch using the Log Filter Setup :- More detailed info available here: http://www.cequrux.com/support/firewall/node86.htm - You may want to view the 'Previous' article on that page aswell if you're not familiar with Log Filter Setup.
Sorry - wrong link I think, bare with me, i'll find the right one.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.