[Logcheck-devel] Bug#252966: Debug mode
Damien Raude-Morvan
drazzib at drazzib.com
Sun Jun 6 13:51:17 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Some debug output from logcheck for the same error :
- -------------------------------------------------------------------------------------------
D: [1086529418] Sourcing - /etc/logcheck/logcheck.conf
D: [1086529418] Finished getopts
D: [1086529418] Trying to get lockfile: /var/lock/logcheck.lock
D: [1086529418] Running lockfile-touch /var/lock/logcheck.lock
D: [1086529418] cleanrules: /etc/logcheck/cracking.d/logcheck
D: [1086529418] cleanrules: /etc/logcheck/violations.d/logcheck
D: [1086529419] cleanrules: /etc/logcheck/violations.d/su
D: [1086529419] cleanrules: /etc/logcheck/violations.d/sudo
D: [1086529419] cleanrules: /etc/logcheck/violations.ignore.d/hotplug
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/innd
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-bind
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-innd
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-postfix
D: [1086529420]
cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail
D: [1086529420]
cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail_tmp
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-spamd
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-su
D: [1086529420] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sudo
D: [1086529421] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-usb
D: [1086529421] cleanrules: /etc/logcheck/violations.ignore.d/su
D: [1086529421] cleanrules: /etc/logcheck/ignore.d.server/arpwatch
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/automount
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/bind
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/courier-imap
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/courier-imap-ssl
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/cron
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/cyrus
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/dhclient
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/dhcp
D: [1086529422] cleanrules: /etc/logcheck/ignore.d.server/fetchmail
D: [1086529423] cleanrules: /etc/logcheck/ignore.d.server/imap
D: [1086529423] cleanrules: /etc/logcheck/ignore.d.server/imapd-ssl
D: [1086529423] cleanrules: /etc/logcheck/ignore.d.server/imp
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/innd
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/ipppd
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/isdnlog
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/isdnutils
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/logcheck
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/nntpcache
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/ntp
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/oidentd
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/openvpn
D: [1086529424] cleanrules: /etc/logcheck/ignore.d.server/pop3d-ssl
D: [1086529425] cleanrules: /etc/logcheck/ignore.d.server/postfix
D: [1086529425] cleanrules: /etc/logcheck/ignore.d.server/ppp
D: [1086529425] cleanrules: /etc/logcheck/ignore.d.server/proftpd
D: [1086529425] cleanrules: /etc/logcheck/ignore.d.server/rpc_statd
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/samba
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/spamd
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/squid
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/ssh
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/stunnel
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/ucd-snmp
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.server/uptimed
D: [1086529426] cleanrules: /etc/logcheck/ignore.d.paranoid/bind
D: [1086529427] cleanrules: /etc/logcheck/ignore.d.paranoid/cron
D: [1086529427] cleanrules: /etc/logcheck/ignore.d.paranoid/imap
D: [1086529427] cleanrules: /etc/logcheck/ignore.d.paranoid/logcheck
D: [1086529427] cleanrules: /etc/logcheck/ignore.d.paranoid/postfix
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/ppp
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/proftpd
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/qpopper
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/squid
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/ssh
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/stunnel
D: [1086529428] cleanrules: /etc/logcheck/ignore.d.paranoid/sysklogd
D: [1086529429] cleanrules: /etc/logcheck/ignore.d.paranoid/telnetd
D: [1086529429] Running logtail: /var/log/syslog
D: [1086529430] Running logtail: /var/log/auth.log
D: [1086529430] Sorting logs
D: [1086529430] Setting the Intro
D: [1086529430] Checking for security alerts
D: [1086529431] greplogoutput: logcheck
D: [1086529431] greplogoutput: returning 1
D: [1086529431] Checking for security events
D: [1086529431] greplogoutput: logcheck
D: [1086529432] greplogoutput: Entries in checked
D: [1086529432] Applying Logcheck override files
D: [1086529432] clean logcheck-<package>: hotplug
D: [1086529432] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/hotplug
D: [1086529432] clean logcheck-<package>: innd
D: [1086529432] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/innd
D: [1086529432] clean logcheck-<package>: logcheck-bind
D: [1086529432] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-bind
D: [1086529432] clean logcheck-<package>: logcheck-innd
D: [1086529432] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-innd
D: [1086529433] clean logcheck-<package>: logcheck-postfix
D: [1086529433] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-postfix
D: [1086529433] clean logcheck-<package>: logcheck-sendmail
D: [1086529433] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-sendmail
D: [1086529433] clean logcheck-<package>: logcheck-sendmail_tmp
D: [1086529433] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-sendmail_tmp
D: [1086529434] clean logcheck-<package>: logcheck-spamd
D: [1086529434] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-spamd
D: [1086529434] clean logcheck-<package>: logcheck-su
D: [1086529434] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-su
D: [1086529434] clean logcheck-<package>: logcheck-sudo
D: [1086529434] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-sudo
D: [1086529434] clean logcheck-<package>: logcheck-usb
D: [1086529434] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/logcheck-usb
D: [1086529434] clean logcheck-<package>: su
D: [1086529435] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/su
D: [1086529435] Cleaning logcheck
D: [1086529435] Cleaning logcheck: su
D: [1086529435] cleanchecked -
file: /tmp/logcheck.XX15SXxJ/violations-ignore/su
D: [1086529435] Cleaning logcheck: sudo
D: [1086529435] error: Killing lockfile-touch - 19120
D: [1086529435] error: Removing lockfile: /var/lock/logcheck.lock
D: [1086529435] Error: cleanchecked: Not a file or a directory
D: [1086529436] cleanup: Killing lockfile-touch - 19120
/usr/sbin/logcheck: line 84: kill: (19120) - No such process
D: [1086529436] Cleanup: Removing - /tmp/logcheck.XX15SXxJ
- -------------------------------------------------------------------------------------------
on another server (where logcheck run fine) :
D: [1086529390] Sourcing - /etc/logcheck/logcheck.conf
D: [1086529390] Finished getopts
D: [1086529390] Trying to get lockfile: /var/lock/logcheck.lock
D: [1086529390] Running lockfile-touch /var/lock/logcheck.lock
D: [1086529390] cleanrules: /etc/logcheck/cracking.d/logcheck
D: [1086529390] cleanrules: /etc/logcheck/violations.d/logcheck
D: [1086529390] cleanrules: /etc/logcheck/violations.d/su
D: [1086529390] cleanrules: /etc/logcheck/violations.d/sudo
D: [1086529390] cleanrules: /etc/logcheck/violations.ignore.d/innd
D: [1086529390] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-bind
D: [1086529390] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-innd
D: [1086529390] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-postfix
D: [1086529391]
cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail
D: [1086529391]
cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail_tmp
D: [1086529391] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-spamd
D: [1086529391] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-su
D: [1086529391] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sudo
D: [1086529391] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-usb
D: [1086529391] cleanrules: /etc/logcheck/violations.ignore.d/su
D: [1086529391] cleanrules: /etc/logcheck/ignore.d.server/arpwatch
D: [1086529391] cleanrules: /etc/logcheck/ignore.d.server/automount
D: [1086529391] cleanrules: /etc/logcheck/ignore.d.server/bind
D: [1086529391] cleanrules: /etc/logcheck/ignore.d.server/cron
D: [1086529391] cleanrules: /etc/logcheck/ignore.d.server/cyrus
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/dhclient
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/dhcp
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/imap
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/imapd-ssl
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/imp
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/innd
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/ipppd
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/isdnlog
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/isdnutils
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/logcheck
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/mysql-server
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/nntpcache
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/ntp
D: [1086529392] cleanrules: /etc/logcheck/ignore.d.server/oidentd
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/openvpn
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/pop3d-ssl
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/postfix
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/ppp
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/proftpd
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/rpc_statd
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/samba
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/spamd
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/squid
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/ssh
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/stunnel
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/ucd-snmp
D: [1086529393] cleanrules: /etc/logcheck/ignore.d.server/uptimed
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/bind
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/cron
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/imap
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/logcheck
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/postfix
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/ppp
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/proftpd
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/qpopper
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/squid
D: [1086529394] cleanrules: /etc/logcheck/ignore.d.paranoid/ssh
D: [1086529395] cleanrules: /etc/logcheck/ignore.d.paranoid/stunnel
D: [1086529395] cleanrules: /etc/logcheck/ignore.d.paranoid/sysklogd
D: [1086529395] cleanrules: /etc/logcheck/ignore.d.paranoid/telnetd
D: [1086529395] Running logtail: /var/log/syslog
D: [1086529396] Running logtail: /var/log/auth.log
D: [1086529396] Sorting logs
D: [1086529396] Setting the Intro
D: [1086529396] Checking for security alerts
D: [1086529396] greplogoutput: logcheck
D: [1086529396] greplogoutput: returning 1
D: [1086529396] Checking for security events
D: [1086529396] greplogoutput: logcheck
D: [1086529397] greplogoutput: su
D: [1086529397] greplogoutput: Entries in checked
D: [1086529397] cleanchecked -
file: /tmp/logcheck.XXYJeJnw/violations-ignore/su
D: [1086529397] cleanchecked -
file: /tmp/logcheck.XXYJeJnw/violations-ignore/logcheck-su
D: [1086529397] greplogoutput: sudo
D: [1086529397] greplogoutput: returning 1
D: [1086529397] Checking for system events
D: [1086529397] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore
D: [1086529397] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/arpwatch
D: [1086529397] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/automount
D: [1086529397] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/bind
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/cron
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/cyrus
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/dhclient
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/dhcp
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/imap
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/imapd-ssl
D: [1086529398] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/imp
D: [1086529399] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/innd
D: [1086529399] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/ipppd
D: [1086529399] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/isdnlog
D: [1086529399] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/isdnutils
D: [1086529399] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/logcheck
D: [1086529399] cleanchecked - dir
- - /tmp/logcheck.XXYJeJnw/ignore/mysql-server
D: [1086529399] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/nntpcache
D: [1086529400] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/ntp
D: [1086529400] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/oidentd
D: [1086529400] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/openvpn
D: [1086529400] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/pop3d-ssl
D: [1086529400] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/postfix
D: [1086529406] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/ppp
D: [1086529406] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/proftpd
D: [1086529406] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/qpopper
D: [1086529406] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/rpc_statd
D: [1086529406] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/samba
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/spamd
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/squid
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/ssh
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/stunnel
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/sysklogd
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/telnetd
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/ucd-snmp
D: [1086529407] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/ignore/uptimed
D: [1086529408] Removing alerts from system events
D: [1086529408] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/cracking
D: [1086529408] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/cracking/logcheck
D: [1086529408] Removing violations from system events
D: [1086529408] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/violations
D: [1086529408] cleanchecked - dir
- - /tmp/logcheck.XXYJeJnw/violations/logcheck
D: [1086529408] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/violations/su
D: [1086529408] cleanchecked - dir - /tmp/logcheck.XXYJeJnw/violations/sudo
D: [1086529409] report: cat'ing - System Events
D: [1086529409] Setting the footer text
D: [1086529409] Sending report: 'zeus 2004-06-06 15:43 System Events' to root
D: [1086529409] cleanup: Killing lockfile-touch - 17881
D: [1086529409] cleanup: Removing lockfile: /var/lock/logcheck.lock
D: [1086529409] Cleanup: Removing - /tmp/logcheck.XXYJeJnw
- --------------------------------------------------------------------------------------------------------------
any idea ?
- --
Damien Raude-Morvan - DrazziB
GPG : 0x337C7EBB
WWW : www.drazzib.com
ICQ : 68119943
TEL : (+33) 06 08 80 36 98
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAwyFZ927daDN8frsRAuADAKCA6cHdTTKJkVBy8cYOiGldDUJKJgCeNtkz
FxJEU7W88PH/226Xaof4d6k=
=qSdj
-----END PGP SIGNATURE-----
More information about the Logcheck-devel
mailing list