Myles Green babbled on about:
> Is that in your script Doug? If so, I'm gonna give it a whirl 'cause
> I've got 6 or 7 IIS ...errm.. Users... contributing to excessivly large
> http_access logs =(
nope. the code for that is in hte archives of this list over at
mail-archive.com
if it's just logging you're concerned with, you can do:
##
## httpd.conf -- Apache HTTP server configuration file
##
# Don't log worm attacks
SetEnvIf Request_URI "^/scripts/root\.exe" worm
SetEnvIf Request_URI "^MSADC/root\.exe" worm
SetEnvIf Request_URI "^/[cd]/winnt/system32/cmd\.exe" worm
SetEnvIf Request_URI "^/scripts/*/winnt/system32/cmd\.exe" worm
SetEnvIf Request_URI "^/_vti_bin/*/winnt/system32/cmd\.exe" worm
SetEnvIf Request_URI "^/_mem_bin/*/winnt/system32/cmd\.exe" worm
SetEnvIf Request_URI "^/default\.ida" worm
CustomLog /dev/null env=worm
# End worm stuff
# Logfiles
ErrorLog /opt/apache/logs/error_log
CustomLog /opt/apache/logs/referer_log referer
CustomLog /opt/apache/logs/agent_log agent
CustomLog /opt/apache/logs/access_log combined
--
Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778
Admin: Linux StepByStep - http://linux.nf
Ahhh...I see the screw-up fairy has visited us again...
_______________________________________________
Linux-users mailing list - http://linux.nf/mailman/listinfo/linux-users
Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
