Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 59318 Details for
Bug 93240
sys-apps/logwatch doesn't analyze all logs generated by "hardened" syslog-ng
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to logwatch-6.0.2 config, using "hardened" syslog-ng's log-files
logwatch-6.0.2-conf.patch (text/plain), 6.04 KB, created by
Felix Tiede
on 2005-05-19 13:09:54 UTC
(
hide
)
Description:
Patch to logwatch-6.0.2 config, using "hardened" syslog-ng's log-files
Filename:
MIME Type:
Creator:
Felix Tiede
Created:
2005-05-19 13:09:54 UTC
Size:
6.04 KB
patch
obsolete
>diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/daemon.conf /etc/log.d/conf/logfiles/daemon.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/daemon.conf 1970-01-01 01:00:00.000000000 +0100 >+++ /etc/log.d/conf/logfiles/daemon.conf 2005-05-19 20:49:18.000000000 +0200 >@@ -0,0 +1,25 @@ >+# What actual file? Defaults to LogPath if not absolute path.... >+LogFile = daemon.log >+ >+# If the archives are searched, here is one or more line >+# (optionally containing wildcards) that tell where they are... >+# Note: if these are gzipped, you need to end with a .gz even if >+# you use wildcards... >+Archive = daemon.log.* >+Archive = archiv/daemon.log.* >+ >+# Expand the repeats (actually just removes them now) >+*ExpandRepeats >+ >+# Now, lets remove the services we don't care about at all... >+*RemoveService = talkd >+*RemoveService = telnetd >+*RemoveService = /sbin/mingetty >+*RemoveService = netscreen >+*RemoveService = NetScreen >+ >+# Keep only the lines in the proper date range... >+*OnlyHost >+*ApplyStdDate >+ >+# vi: shiftwidth=3 tabstop=3 et >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/kern.conf /etc/log.d/conf/logfiles/kern.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/kern.conf 1970-01-01 01:00:00.000000000 +0100 >+++ /etc/log.d/conf/logfiles/kern.conf 2005-05-19 21:00:17.000000000 +0200 >@@ -0,0 +1,27 @@ >+# What actual file? Defaults to LogPath if not absolute path.... >+LogFile = kern.log >+ >+# If the archives are searched, here is one or more line >+# (optionally containing wildcards) that tell where they are... >+# Note: if these are gzipped, you need to end with a .gz even if >+# you use wildcards... >+Archive = kern.log.* >+Archive = archiv/kern.log.* >+ >+# Expand the repeats (actually just removes them now) >+*ExpandRepeats >+ >+# Now, lets remove the services we don't care about at all... >+*RemoveService = talkd >+*RemoveService = telnetd >+*RemoveService = inetd >+*RemoveService = nfsd >+*RemoveService = /sbin/mingetty >+*RemoveService = netscreen >+*RemoveService = NetScreen >+ >+# Keep only the lines in the proper date range... >+*OnlyHost >+*ApplyStdDate >+ >+# vi: shiftwidth=3 tabstop=3 et >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/maillog.conf /etc/log.d/conf/logfiles/maillog.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/maillog.conf 2005-02-24 18:05:18.000000000 +0100 >+++ /etc/log.d/conf/logfiles/maillog.conf 2005-05-13 07:25:11.000000000 +0200 >@@ -12,6 +12,7 @@ > > # What actual file? Defaults to LogPath if not absolute path.... > LogFile = maillog >+LogFile = mail.* > > # If the archives are searched, here is one or more line > # (optionally containing wildcards) that tell where they are... >@@ -19,6 +20,8 @@ > # you use wildcards... > Archive = maillog.* > Archive = archiv/maillog.* >+Archive = mail.*.* >+Archive = archiv/mail.*.* > > # Expand the repeats (actually just removes them now) > *ExpandRepeats >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/secure.conf /etc/log.d/conf/logfiles/secure.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/logfiles/secure.conf 2005-04-18 23:53:55.000000000 +0200 >+++ /etc/log.d/conf/logfiles/secure.conf 2005-05-19 22:01:03.000000000 +0200 >@@ -13,6 +13,7 @@ > # What actual file? Defaults to LogPath if not absolute path.... > LogFile = secure > LogFile = authlog >+LogFile = auth.log > > # If the archives are searched, here is one or more line > # (optionally containing wildcards) that tell where they are... >@@ -21,6 +22,7 @@ > Archive = secure.* > Archive = archiv/secure.* > Archive = authlog.* >+Archive = auth.log.* > > # Expand the repeats (actually just removes them now) > *ExpandRepeats >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/kernel.conf /etc/log.d/conf/services/kernel.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/kernel.conf 2005-02-24 18:05:20.000000000 +0100 >+++ /etc/log.d/conf/services/kernel.conf 2005-05-11 14:41:20.000000000 +0200 >@@ -16,6 +16,7 @@ > > # Which logfile group... > LogFile = messages >+LogFile = kern > > # Only give lines pertaining to the kernel service... > *OnlyService = kernel >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/pam.conf /etc/log.d/conf/services/pam.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/pam.conf 2005-02-24 18:05:20.000000000 +0100 >+++ /etc/log.d/conf/services/pam.conf 2005-05-11 14:59:40.000000000 +0200 >@@ -16,6 +16,7 @@ > > # Which logfile group... > LogFile = messages >+LogFile = secure > > # Only give lines pertaining to the pam service... > *OnlyService = pam >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/pam_pwdb.conf /etc/log.d/conf/services/pam_pwdb.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/pam_pwdb.conf 2005-02-24 18:05:20.000000000 +0100 >+++ /etc/log.d/conf/services/pam_pwdb.conf 2005-05-11 14:59:55.000000000 +0200 >@@ -16,6 +16,7 @@ > > # Which logfile group... > LogFile = messages >+LogFile = secure > > # Only give lines pertaining to the PAM_pwdb service... > *OnlyService = pam_pwdb >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/smartd.conf /etc/log.d/conf/services/smartd.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/smartd.conf 2005-02-24 18:05:20.000000000 +0100 >+++ /etc/log.d/conf/services/smartd.conf 2005-05-11 14:49:56.000000000 +0200 >@@ -16,6 +16,7 @@ > > # Which logfile group... > LogFile = messages >+LogFile = daemon > > # Only give lines pertaining to the smartd service... > *OnlyService = smartd >diff -urN /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/sshd2.conf /etc/log.d/conf/services/sshd2.conf >--- /var/tmp/portage/logwatch-6.0.2/work/logwatch-6.0.2/conf/services/sshd2.conf 2005-02-24 18:05:20.000000000 +0100 >+++ /etc/log.d/conf/services/sshd2.conf 2005-05-11 15:00:38.000000000 +0200 >@@ -16,6 +16,7 @@ > > # Which logfile group... > LogFile = messages >+LogFile = secure > > # Only give lines pertaining to the sshd2 service... > *OnlyService = sshd2
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=59318">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 93240
: 59318
