[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Log files monitoring
From: |
Marco Ermini |
Subject: |
Re: Log files monitoring |
Date: |
Thu, 05 May 2005 11:31:04 +0200 |
On 5/3/05, Mike Jackson <address@hidden> wrote:
> > You might like to try Logwatch, which is a Perl script that you run from
> > Cron.
> > It won't take action in the way Monit can, but it will email you when
> > something bad is appearing in the logs.
> >
> > See www.logwatch.org
>
> Swatch does the same thing, and can take action on events:
>
> http://swatch.sourceforge.net/
>
> I have it watching /var/log/auth.log on my FreeBSD box and adding packet
> filter rules to block hosts that try to log in via SSH as root or test.
[...]
I don't catch this... it's much more efficient to simply disable root logins
from SSH:
PermitRootLogin=off
or use tcp wrappers :-)
Regards!
--
Marco Ermini
http://www.markoer.org
Dubium sapientiae initium. (Descartes)
address@hidden # mount -t life -o ro /dev/dna /genetic/research
<< This message is for the designated recipient only and may contain
privileged or confidential information. If you have received it in
error, please notify the sender immediately and delete the original.
Any other use of the email by you is prohibited. >>
- Re: Log files monitoring, (continued)
- Re: Log files monitoring, Mike Jackson, 2005/05/03
- Re: Log files monitoring, Marco Ermini, 2005/05/03
- Re: Log files monitoring - forked Monit and Openview, Peter van der Does, 2005/05/04
- Re: Log files monitoring, Jan-Henrik Haukeland, 2005/05/04
- Re: Log files monitoring, Christian Hopp, 2005/05/05
- Re: Log files monitoring, Sorin S., 2005/05/05
- Re: Log files monitoring, Christian Hopp, 2005/05/05
- Re: Log files monitoring, Jan-Henrik Haukeland, 2005/05/05
- Re: Log files monitoring, SorinS, 2005/05/05
Re: Log files monitoring, Sorin S., 2005/05/04
Re: Log files monitoring,
Marco Ermini <=
Re: Log files monitoring, Marco Ermini, 2005/05/05