If you don't want to see certain activity in the reports, look at logcheck.ignore. Anything specified in that file will be ignored by logcheck. For example, "ipop3d.*Moved" will ignore entries like this from maillog: Sep 22 21:28:06 yoda ipop3d[2967]: Moved 7395 bytes of new mail to /home/ed/mbox from /var/spool/mail/ed host= eds.wrenkasky.com [10.10.10.11] If you have trouble, send me one of the messages from the log file. Ed At 11:01 PM Saturday, 9/22/2001, Paul Rodríguez wrote -=> >After reading this, I installed Logcheck (after a couple of hours of playing >around with sendmail and postfix, and after an hour realizing I wasn't >getting the emails because I had disabled postfix on boot up since I wasn't >using it yet.. DOH!) > >Anywase.. how do I filter out the port 68 DHCP scans from the program? It >thinks they are attacks and fill my log pretty good.. :( > >On Saturday 22 September 2001 15:13, you wrote: > > FWIW - > > > > I use a handy little tool called Logcheck from Psionic that monitors logs > > and reports via email. It's very configurable and runs via cron so you can > > run it as often as you like. Ed Kasky Los Angeles, CA . . . . . . . . It's pretty far, but it doesn't seem like it. -Yogi Berra, giving directions
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com