Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 250345 Details for
Bug 340657
Improved logcheck guide
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
logcheck.xml.diff
logcheck.xml.diff (text/plain), 2.30 KB, created by
Paweł Hajdan, Jr. (RETIRED)
on 2010-10-12 11:29:49 UTC
(
hide
)
Description:
logcheck.xml.diff
Filename:
MIME Type:
Creator:
Paweł Hajdan, Jr. (RETIRED)
Created:
2010-10-12 11:29:49 UTC
Size:
2.30 KB
patch
obsolete
>--- logcheck.xml.orig 2010-08-09 01:37:38.000000000 +0000 >+++ logcheck.xml 2010-10-12 11:25:32.000000000 +0000 >@@ -130,6 +130,16 @@ > </pre> > > <p> >+You also have to tell <c>logcheck</c> which log files to scan >+(<path>/etc/logcheck/logcheck.logfiles</path>). >+</p> >+ >+<pre caption="Basic /etc/logcheck/logcheck.logfiles setup"> >+<comment>(This is an example for syslog-ng)</comment> >+/var/log/messages >+</pre> >+ >+<p> > Finally, enable the logcheck cron job. > </p> > >@@ -161,4 +171,56 @@ > </body> > </section> > </chapter> >+ >+<chapter> >+<title>Troubleshooting</title> >+ >+<section> >+<title>General tips</title> >+<body> >+ >+<p> >+You can use the logcheck's <c>-d</c> switch to display more debugging >+information. Example: >+</p> >+ >+<pre caption="Debugging logcheck"> >+# <i>su -s /bin/bash -c '/usr/sbin/logcheck -d' logcheck</i> >+D: [1281318818] Turning debug mode on >+D: [1281318818] Sourcing - /etc/logcheck/logcheck.conf >+D: [1281318818] Finished getopts c:dhH:l:L:m:opr:RsS:tTuvw >+D: [1281318818] Trying to get lockfile: /var/lock/logcheck/logcheck.lock >+D: [1281318818] Running lockfile-touch /var/lock/logcheck/logcheck.lock >+D: [1281318818] cleanrules: /etc/logcheck/cracking.d/kernel >+... >+D: [1281318818] cleanrules: /etc/logcheck/violations.d/su >+D: [1281318818] cleanrules: /etc/logcheck/violations.d/sudo >+... >+D: [1281318825] logoutput called with file: /var/log/messages >+D: [1281318825] Running /usr/sbin/logtail2 on /var/log/messages >+D: [1281318825] Sorting logs >+D: [1281318825] Setting the Intro >+D: [1281318825] Checking for security alerts >+D: [1281318825] greplogoutput: kernel >+... >+D: [1281318825] greplogoutput: returning 1 >+D: [1281318825] Checking for security events >+... >+D: [1281318825] greplogoutput: su >+D: [1281318825] greplogoutput: Entries in checked >+D: [1281318825] cleanchecked - file: /tmp/logcheck.uIFLqU/violations-ignore/logcheck-su >+D: [1281318825] report: cat'ing - Security Events for su >+... >+D: [1281318835] report: cat'ing - System Events >+D: [1281318835] Setting the footer text >+D: [1281318835] Sending report: 'localhost 2010-08-09 03:53 Security Events' to root >+D: [1281318835] cleanup: Killing lockfile-touch - 17979 >+D: [1281318835] cleanup: Removing lockfile: /var/lock/logcheck/logcheck.lock >+D: [1281318835] cleanup: Removing - /tmp/logcheck.uIFLqU >+</pre> >+ >+</body> >+</section> >+ >+</chapter> > </guide>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=250345">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 340657
: 250345
