インストール
[root@falcon21 ~]# yum -y install logwatch
インストール:
logwatch.noarch 0:7.3.6-55.el6
依存性関連をインストールしました:
perl-Date-Manip.noarch 0:6.24-1.el6 perl-YAML-Syck.i686 0:1.07-4.el6
設定
[root@falcon21 ~]# vi /etc/logwatch/conf/logwatch.conf
# Local configuration options go here (defaults are in /usr/share/logwatch/default.conf/logwatch.conf)
/usr/share/logwatch/default.conf/logwatch.confをコピー・編集
[root@falcon21 ~]# cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/logwatch.conf
cp: `/etc/logwatch/conf/logwatch.conf' を上書きしてもよろしいですか(yes/no)? yes
[root@falcon21 ~]# vi /etc/logwatch/conf/logwatch.conf
1 #######################################################
2 # This was written and is maintained by:
3 # Kirk Bauer <kirk@kaybee.org>
4 #
5 # Please send all comments, suggestions, bug reports,
6 # etc, to kirk@kaybee.org.
7 #
8 ########################################################
9
10 # NOTE:
11 # All these options are the defaults if you run logwatch with no
12 # command-line arguments. You can override all of these on the
13 # command-line.
14
15 # You can put comments anywhere you want to. They are effective for the
16 # rest of the line.
17
18 # this is in the format of <name> = <value>. Whitespace at the beginning
19 # and end of the lines is removed. Whitespace before and after the = sign
20 # is removed. Everything is case *insensitive*.
21
22 # Yes = True = On = 1
23 # No = False = Off = 0
24
25 # Default Log Directory
26 # All log-files are assumed to be given relative to this directory.
27 LogDir = /var/log
28
29 # You can override the default temp directory (/tmp) here
30 TmpDir = /var/cache/logwatch
31
32 # Default person to mail reports to. Can be a local account or a
33 # complete email address. Variable Print should be set to No to
34 # enable mail feature.
35 MailTo = root
36 # WHen using option --multiemail, it is possible to specify a different
37 # email recipient per host processed. For example, to send the report
38 # for hostname host1 to user@example.com, use:
39 #Mailto_host1 = user@example.com
40 # Multiple recipients can be specified by separating them with a space.
41
42 # Default person to mail reports from. Can be a local account or a
43 # complete email address.
44 MailFrom = Logwatch
45
46 # If set to 'Yes', the report will be sent to stdout instead of being
47 # mailed to above person.
48 Print =
49
50 # if set, the results will be saved in <filename> instead of mailed
51 # or displayed.
52 #Save = /tmp/logwatch
53
54 # Use archives? If set to 'Yes', the archives of logfiles
55 # (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will
56 # be searched in addition to the /var/log/messages file.
57 # This usually will not do much if your range is set to just
58 # 'Yesterday' or 'Today'... it is probably best used with
59 # By default this is now set to Yes. To turn off Archives uncomment this.
60 #Archives = No
61 # Range = All
62
63 # The default time range for the report...
64 # The current choices are All, Today, Yesterday
65 Range = yesterday
66
67 # The default detail level for the report.
68 # This can either be Low, Med, High or a number.
69 # Low = 0
70 # Med = 5
71 # High = 10
72 Detail = Low //High に変更
73
74
75 # The 'Service' option expects either the name of a filter
76 # (in /usr/share/logwatch/scripts/services/*) or 'All'.
77 # The default service(s) to report on. This should be left as All for
78 # most people.
79 Service = All
80 # You can also disable certain services 特定のサービスを無効にする (when specifying all)
81 Service = "-zz-network" # Prevents execution 実行を阻止するof zz-network service, which
82 # prints useful network configuration info.
83 Service = "-zz-sys" # Prevents execution 実行を阻止するof zz-sys service, which
84 # prints useful system configuration info.
85 Service = "-eximstats" # Prevents execution 実行を阻止するof eximstats service, which
86 # is a wrapper for the eximstats program.
87 # If you only cared about FTP messages, you could use these 2 lines
88 # instead of the above:
89 #Service = ftpd-messages # Processes ftpd messages in /var/log/messages
90 #Service = ftpd-xferlog # Processes ftpd messages in /var/log/xferlog
91 # Maybe you only wanted reports on PAM messages, then you would use:
92 #Service = pam_pwdb # PAM_pwdb messages - usually quite a bit
93 #Service = pam # General PAM messages... usually not many
94
95 # You can also choose to use the 'LogFile' option. This will cause
96 # logwatch to only analyze that one logfile.. for example:
97 #LogFile = messages
98 # will process /var/log/messages. This will run all the filters that
99 # process that logfile. This option is probably not too useful to
100 # most people. Setting 'Service' to 'All' above analyizes all LogFiles
101 # anyways...
102
103 #
104 # By default we assume that all Unix systems have sendmail or a sendmail-like syst em.
105 # The mailer code Prints a header with To: From: and Subject:.
106 # At this point you can change the mailer to any thing else that can handle that o utput
107 # stream. TODO test variables in the mailer string to see if the To/From/Subject c an be set
108 # From here with out breaking anything. This would allow mail/mailx/nail etc..... -mgt
109 mailer = "sendmail -t"
110
111 #
112 # With this option set to 'Yes', only log entries for this particular host
113 # (as returned by 'hostname' command) will be processed. The hostname
114 # can also be overridden on the commandline (with --hostname option). This
115 # can allow a log host to process only its own logs, or Logwatch can be
116 # run once per host included in the logfiles.
117 #
118 # The default is to report on all log entries, regardless of its source host.
119 # Note that some logfiles do not include host information and will not be
120 # influenced by this setting.
121 #
122 #HostLimit = Yes
123
124 # By default the cron daemon generates daily logwatch report
125 # if you want to switch it off uncomment DailyReport tag.
126 # The implicit value is Yes
127 #
128 # DailyReport = No
129
130 # vi: shiftwidth=3 tabstop=3 et
*******************************
logwatch はデフォルトで毎日1回ログレポートをメール送信する 確認
[root@falcon21 ~]# vi /etc/cron.daily/0logwatch
#!/bin/bash
DailyReport=`grep -e "^[[:space:]]*DailyReport[[:space:]]*=[[:space:]]*" /usr/share/logwatch/default.conf/logwatch.conf | head -n1 | sed -e "s|^\s*DailyReport\s*=\s*||"`
if [ "$DailyReport" != "No" ] && [ "$DailyReport" != "no" ]
then
logwatch
fi
********************
実行確認
[root@falcon21 ~]# /etc/cron.daily/0logwatch
コマンドで出力
[root@falcon21 ~]# logwatch --print
################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Sun Jul 30 09:29:05 2017
Date Range Processed: yesterday
( 2017-Jul-29 )
Period is day.
Detail Level of Output: 10
Type of Output: unformatted
Logfiles for Host: falcon21.space
##################################################################
--------------------- Amavisd-new Begin ------------------------
****** Summary *************************************************************************************
3 *Warning
---------------------- Amavisd-new End -------------------------
--------------------- Selinux Audit Begin ------------------------
*** Logs which could mean a bug ***
major=355 name_count=0: freeing multiple contexts (2)
major=252 name_count=0: freeing multiple contexts (1)
**Unmatched Entries**
audit(:0): major=355 name_count=0: freeing multiple contexts (3)
audit(:0): major=355 name_count=0: freeing multiple contexts (4)
audit(:0): major=355 name_count=0: freeing multiple contexts (5)
audit(:0): major=355 name_count=0: freeing multiple contexts (6)
audit(:0): major=355 name_count=0: freeing multiple contexts (7)
audit(:0): major=355 name_count=0: freeing multiple contexts (8)
audit(:0): major=355 name_count=0: freeing multiple contexts (9)
audit(:0): major=355 name_count=0: freeing multiple contexts (10)
audit: freed 10 contexts
---------------------- Selinux Audit End -------------------------
--------------------- clam-update Begin ------------------------
No updates detected in the log for the freshclam daemon (the
ClamAV update process). If the freshclam daemon is not running,
you may need to restart it. Other options:
A. If you no longer wish to run freshclam, deleting the log file
(default is freshclam.log) will suppress this error message.
B. If you use a different log file, update the appropriate
configuration file. For example:
echo "LogFile = log_file" >> /etc/logwatch/conf/logfiles/clam-update.conf
where log_file is the filename of the freshclam log file.
C. If you are logging using syslog, you need to indicate that your
log file uses the syslog format. For example:
echo "*OnlyService = freshclam" >> /etc/logwatch/conf/logfiles/clam-update.conf
echo "*RemoveHeaders" >> /etc/logwatch/conf/logfiles/clam-update.conf
---------------------- clam-update End -------------------------
--------------------- Clamav Begin ------------------------
Daemon stopped: 4 Time(s)
**Unmatched Entries**
Received 0 file descriptor(s) from systemd.
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
TCP: Bound to [127.0.0.1]:3310
TCP: Setting connection queue length to 30
LOCAL: Unix socket file /var/run/clamav/clamd.sock
LOCAL: Setting connection queue length to 30
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 16.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
Received 0 file descriptor(s) from systemd.
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
TCP: Bound to [127.0.0.1]:3310
TCP: Setting connection queue length to 30
LOCAL: Unix socket file /var/run/clamav/clamd.sock
LOCAL: Setting connection queue length to 30
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 16.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
Received 0 file descriptor(s) from systemd.
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
TCP: Bound to [127.0.0.1]:3310
TCP: Setting connection queue length to 30
LOCAL: Unix socket file /var/run/clamav/clamd.sock
LOCAL: Setting connection queue length to 30
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 16.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
Received 0 file descriptor(s) from systemd.
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
TCP: Bound to [127.0.0.1]:3310
TCP: Setting connection queue length to 30
LOCAL: Unix socket file /var/run/clamav/clamd.sock
LOCAL: Setting connection queue length to 30
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 16.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
---------------------- Clamav End -------------------------
--------------------- Dovecot Begin ------------------------
[Dovecot IMAP and POP3] Connections:
====================================
Host | POP3 | IMAP | Total
-------------------------------------- | --------- |--------- | ---------
192.168.2.1 | 70 | 0 | 70
-------------------------------------------------------------------------
70 | 0 | 70
Dovecot IMAP and POP3 Successful Logins:
User kazuya: (70 POP3)
From 192.168.2.1: 70 Time(s)
Total: 70 successful logins
Dovecot disconnects:
Logged out: 70 Time(s)
no auth attempts: 3 Time(s)
---------------------- Dovecot End -------------------------
--------------------- httpd Begin ------------------------
5.03 MB transferred in 900 responses (1xx 0, 2xx 345, 3xx 60, 4xx 477, 5xx 18)
232 Images (0.12 MB),
4 Documents (0.01 MB),
556 Content pages (4.89 MB),
96 Proxy Configuration Files (0.00 MB),
12 Other (0.00 MB)
Requests with error response codes
400 Bad Request
/: 6 Time(s)
401 Unauthorized
/: 16 Time(s)
//a2billing/customer/templates/default/footer.tpl: 2 Time(s)
/kazuya/secret/: 4 Time(s)
/kazuya/secret/centos6.9/%E3%82%B5%E3%83%B ... AD%E5%AE%9A.htm: 2 Time(s)
/kazuya/secret/centos6.9/%E3%82%B5%E3%83%B ... B%E7%AF%89.html: 2 Time(s)
403 Forbidden
/: 84 Time(s)
//wp-login.php: 2 Time(s)
/manager/html: 10 Time(s)
/modules/bulletin/index.php?HypEncHint=%E3 ... =3&page=article: 4 Time(s)
/modules/bulletin/index.php?today=2017-02: 2 Time(s)
/modules/bulletin/index.php?today=2017-02'A=0: 2 Time(s)
/modules/d3diary/index.php: 2 Time(s)
/modules/diary/index.php?page=block_css: 2 Time(s)
/modules/diary/index.php?page=detail&bid=2 ... =3&odr=time_dsc: 2 Time(s)
/modules/diary/index.php?page=detail&bid=7 ... r=2015year=2014: 2 Time(s)
/modules/diary/index.php?page=detail&req_uid=1&bid=71: 2 Time(s)
/modules/diary/index.php?page=main_css: 2 Time(s)
/modules/diary/index.php?page=photolist&re ... category&cid=20: 2 Time(s)
/modules/diary/index.php?req_uid=1&mode=ca ... %85%8D%E4%BF%A1: 4 Time(s)
/modules/diary/index.php?req_uid=1&mode=ca ... 7&odr=title_asc: 2 Time(s)
/modules/diary/index.php?req_uid=1&mode=ca ... ar=2015&month=1: 2 Time(s)
/modules/diary/index.php?req_uid=1&mode=ca ... r=2016&month=09: 2 Time(s)
/modules/diary/index.php?req_uid=1&mode=ca ... shclam%20log%20: 2 Time(s)
/modules/diary/index.php?req_uid=1&year=20 ... category&cid=10: 4 Time(s)
/modules/diary/index.php?req_uid=1&year=2015&month=8: 2 Time(s)
/modules/pico/index.php: 16 Time(s)
/modules/pico/index.php?HypEncHint=%E3%81% ... id=285&point=10: 2 Time(s)
/modules/pico/index.php?HypEncHint=%E3%81% ... id=449&point=10: 2 Time(s)
/modules/pico/index.php?HypEncHint=%E3%81% ... id=484&point=10: 2 Time(s)
/modules/pico/index.php?HypEncHint=%E3%81% ... id=627&point=10: 2 Time(s)
/modules/pico/index.php?HypEncHint=%E3%81% ... id=712&point=10: 2 Time(s)
/modules/pico/index.php?cat_id=14: 2 Time(s)
/modules/pico/index.php?cat_id=15: 2 Time(s)
/modules/pico/index.php?cat_id=18: 2 Time(s)
/modules/pico/index.php?cat_id=39: 2 Time(s)
/modules/pico/index.php?cat_id=70: 2 Time(s)
/modules/pico/index.php?content_id=104: 2 Time(s)
/modules/pico/index.php?content_id=156: 2 Time(s)
/modules/pico/index.php?content_id=161&page=print: 2 Time(s)
/modules/pico/index.php?content_id=178: 2 Time(s)
/modules/pico/index.php?content_id=202&PHP ... lnngtbpq44kss91: 2 Time(s)
/modules/pico/index.php?content_id=275: 2 Time(s)
/modules/pico/index.php?content_id=278&page=print: 2 Time(s)
/modules/pico/index.php?content_id=364: 2 Time(s)
/modules/pico/index.php?content_id=367: 2 Time(s)
/modules/pico/index.php?content_id=368: 2 Time(s)
/modules/pico/index.php?content_id=378: 2 Time(s)
/modules/pico/index.php?content_id=400: 2 Time(s)
/modules/pico/index.php?content_id=406: 2 Time(s)
/modules/pico/index.php?content_id=430: 2 Time(s)
/modules/pico/index.php?content_id=44: 2 Time(s)
/modules/pico/index.php?content_id=460: 2 Time(s)
/modules/pico/index.php?content_id=463: 2 Time(s)
/modules/pico/index.php?content_id=464: 2 Time(s)
/modules/pico/index.php?content_id=488: 2 Time(s)
/modules/pico/index.php?content_id=489&page=print: 2 Time(s)
/modules/pico/index.php?content_id=575: 2 Time(s)
/modules/pico/index.php?content_id=576: 2 Time(s)
/modules/pico/index.php?content_id=608: 2 Time(s)
/modules/pico/index.php?content_id=614: 2 Time(s)
/modules/pico/index.php?content_id=617: 2 Time(s)
/modules/pico/index.php?content_id=644: 2 Time(s)
/modules/pico/index.php?content_id=648: 2 Time(s)
/modules/pico/index.php?content_id=694: 2 Time(s)
/modules/pico/index.php?content_id=700: 2 Time(s)
/modules/pico/index.php?content_id=712: 2 Time(s)
/robots.txt: 12 Time(s)
/up.php: 8 Time(s)
/uploads/fckeditor/uid000001_201510081602221975f33c.gif: 2 Time(s)
/wp-content/plugins/wp-crm/third-party/upl ... y/uploadify.css: 2 Time(s)
/wp-login.php: 2 Time(s)
/wpad.dat: 96 Time(s)
/xx/modules/bulletin/index.php?page=article&storyid=2: 2 Time(s)
http://proxycrawler.amuzi.me/: 2 Time(s)
404 Not Found
/images/s_poweredby.gif: 78 Time(s)
/themes/FCT_Majestic/images/logo.png: 6 Time(s)
/wami/example/client/index.html: 1 Time(s)
/xxx/modules/multiMenu/admin/index.php?mnum=01&op=del&id=4: 1 Time(s)
/xxx/modules/xsns/?p=mypage&uid=1: 1 Time(s)
503 Service Unavailable
/: 8 Time(s)
/blender/modules/bulletin/index.php?caldate=2017-03-22: 2 Time(s)
/blender/modules/bulletin/index.php?today=2016-09: 2 Time(s)
/blender/modules/pico/index.php?content_id=2: 2 Time(s)
/blender/modules/pico/index.php?content_id=3: 2 Time(s)
/user.php?xoops_redirect=%2Fuser.php: 2 Time(s)
A total of 4 ROBOTS were logged
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 5 Time(s)
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 2 Time(s)
Mozilla/5.0 (compatible; SemrushBot/1.2~bl; +http://www.semrush.com/bot.html) 2 Time(s)
Mozilla/5.0 (compatible; MJ12bot/v1.4.7; http://mj12bot.com/) 4 Time(s)
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
1 Time(s): audit: freed 10 contexts
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
dovecot:
Authentication Failures:
Microsoft_Windows_U rhost=210.16.102.154 : 16 Time(s)
ABUSE rhost=120.27.94.124 : 13 Time(s)
中略
Unknown Entries:
check pass; user unknown: 2648 Time(s)
su-l:
Sessions Opened:
kazuya -> root: 2 Time(s)
vsftpd:
Unknown Entries:
check pass; user unknown: 2 Time(s)
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=anonymous rhost=80.254.56.250 : 1 Time(s)
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=anonymous rhost=flower.census.shodan.io : 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
****** Summary *************************************************************************************
1681 *Warning: Pre-queue content-filter connection overload
4200 SASL authentication failed
15.812K Bytes accepted 16,192
14.434K Bytes delivered 14,780
======== ================================================
5 Accepted 71.43%
2 Rejected 28.57%
-------- ------------------------------------------------
7 Total 100.00%
======== ================================================
2 Reject recipient address 100.00%
-------- ------------------------------------------------
2 Total Rejects 100.00%
======== ================================================
1696 Connections made
1 Connections lost
1694 Disconnections
5 Removed from queue
2 Delivered
2 Sent via SMTP
1 Bounce (local)
1 DSNs undeliverable
1 Timeout (inbound)
3 Hostname verification errors
1 Postfix start
1 Postfix stop
****** Detailed ************************************************************************************
1681 *Warning: Pre-queue content-filter connection overload ----------------------------------
1675 After AUTH
1675 unknown
4 After CONNECT
4 unknown
1 After EHLO
1 unknown
1 After RCPT
1 unknown
4200 SASL authentication failed --------------------------------------------------------------
3987 210.16.102.154 unknown
198 120.27.94.124 unknown
12 200.252.5.210 unknown
3 179.43.144.37 unknown
2 Reject recipient address ----------------------------------------------------------------
2 Access denied
1 eax_64@yahoo.com
1 120.27.94.124 unknown
1 spamprotection@freemailhost.ru
1 91.236.75.169 unknown
1 Connections lost ------------------------------------------------------------------------
1 After STARTTLS
1 researchscan431.eecs.umich.edu
2 Delivered -------------------------------------------------------------------------------
2 falcon21.space
1 anpachi
1 kazuya
1 postmaster@falcon21.space
2 Sent via SMTP ---------------------------------------------------------------------------
1 anpachi.moe.hm
1 hayato
1 falcon21.space
1 postmaster
1 postmaster
1 Bounce (local) --------------------------------------------------------------------------
1 5.4.6: Permanent Failure: Network & Routing Status: Routing loop detected
1 hayato@anpachi.moe.hm
1 Mail for anpachi.moe.hm loops back to myself
1 Timeout (inbound) -----------------------------------------------------------------------
1 After AUTH
1 unknown
3 Hostname verification errors ------------------------------------------------------------
3 Address not listed for hostname
1 45.55.21.251 zg-0724b-103.stretchoid.com
1 107.170.205.206 zg-0724b-0.stretchoid.com
1 173.242.121.30 vdrive30.zaptail.com
---------------------- Postfix End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
kazuya:
192.168.2.106: 2 times
---------------------- SSHD End -------------------------
--------------------- vsftpd-messages Begin ------------------------
Failed FTP Logins:
(94.102.49.190): anonymous - 1 Time(s)
(80.254.56.250): anonymous - 1 Time(s)
---------------------- vsftpd-messages End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_falcon21-lv_root
210G 11G 198G 5% /
/dev/sda1 477M 91M 361M 21% /boot
/dev/mapper/vg_falcon21-lv_home
231G 6.6G 213G 4% /home
/dev/sdb1 459G 11G 425G 3% /mnt/usb
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################