Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re[2]: [suse-security] parsing /var/log/warn
  • From: John <isofroni@xxxxxxxxx>
  • Date: Fri, 11 Mar 2005 09:34:03 +0200
  • Message-id: <486336482.20050311093403@xxxxxxxxx>

From: Cristian Del Carlo <delcarlo@xxxxxxxxxxxxxx>
To: suse-security@xxxxxxxx
Date: Thursday, March 10, 2005, 1:10:56 PM
Subject: [suse-security] parsing /var/log/warn



Thursday, March 10, 2005, 1:10:56 PM, you wrote:

> Hi,
> if you have /etc/syslog.conf so configured :

> *.=warning;*.=err -/var/log/warn
> *.crit /var/log/warn
> *.*;mail.none;news.none -/var/log/messages

> Then the messages that you have in /var/log/warn are also in /var/log/messages.
> You can use logwatch to parse this files.
> Best regards,

> cristian del carlo


> On Mar 10, 2005 10:30 AM, John <isofroni@xxxxxxxxx> wrote:

>> Hi to all
>>
>> Which is the best program for parsing, analyzing the /var/log/warn
>> file, iptables log report ?
>>
>>
>>
>> --
>> Check the headers for your unsubscription address
>> For additional commands, e-mail: suse-security-help@xxxxxxxx
>> Security-related bug reports go to security@xxxxxxx, not here
>>






My /etc/syslog.conf is like that

*.=warning;*.=err -/var/log/warn
*.crit /var/log/warn
*.*;mail.none;news.none;*.!=warning;*.!=err;*.!crit -/var/log/messages

Therefore, only warn file has the iptables log report.

I tried logwatch but i cannot set it to read warn file.

Any ideas?





< Previous Next >