Re[2]: [suse-security] parsing /var/log/warn

11 Mar 2005

      From: Cristian Del Carlo 
To: suse-security@suse.com
Date: Thursday, March 10, 2005, 1:10:56 PM
Subject: [suse-security] parsing /var/log/warn

  Thursday, March 10, 2005, 1:10:56 PM, you wrote:
...
Hi, 
 if you have /etc/syslog.conf so configured :
...
*.=warning;*.=err -/var/log/warn 
 *.crit /var/log/warn 
 *.*;mail.none;news.none -/var/log/messages
...
Then the messages that you have in /var/log/warn are also in /var/log/messages.
 You can use logwatch to parse this files. 
 Best regards,
...
cristian del carlo
...
On Mar 10, 2005 10:30 AM, John  wrote:
...
...
Hi to all
Which is the best program for parsing, analyzing the /var/log/warn
file, iptables log report ?
-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here
My /etc/syslog.conf is like that

*.=warning;*.=err -/var/log/warn
*.crit /var/log/warn
*.*;mail.none;news.none;*.!=warning;*.!=err;*.!crit   -/var/log/messages

Therefore, only warn file has the iptables log report.

I tried logwatch but i cannot set it to read warn file.

Any ideas?