Re: What's sending "www 02/10/02:19.02 system check" messages

To: debian-user <debian-user@lists.debian.org>
Subject: Re: What's sending "www 02/10/02:19.02 system check" messages
From: Aaron Hall <ahall@vitaphone.net>
Date: Mon, 11 Feb 2002 12:10:06 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.44.0202111208490.32502-100000@aja.vitaphone.net>

Hit wrong key, didn't follow up to list. Sheesh. :)

On Mon, 11 Feb 2002, Chris Evans wrote:

> I've just transferred from Hamm to Potato and the new system is
> Emailing me excellent security messages with subject line like: "www
> 02/10/02:19.02 system check" ("www" is hostname).

That's logcheck.

> I'd like to be able to tune that to improve the ratio of really
> helpful to routine messages.  All I can see from the header is that
> they're coming from something with user ID 0 and that leaves a fair
> few options including cron but crontab -u 0 says there is no user 0!

The configuration is in /etc/logcheck; essentially, it scans the logs for
regular expressions in the configuration files, and mails you anything
that matches. Check the man pages and the files in /usr/share/doc/logcheck
for more information.

It actually does run out of cron; Debian's cron reads files in
/etc/cron.d in addition to other crontabs, and logcheck has a file in
there that runs it every hour or so.

man cron, and see also /etc/cron.{daily,weekly,monthly} for other neat
tricks. :)

- Aaron

-- 
Aaron Hall             :  C'mon, Netscape! I can whistle the page in
ahall@vitaphone.net    :  Morse faster than you're fetching it!

Macintosh/UNIX Geek, Network Flack, and...eh, whatever.

Reply to:

Prev by Date: mp3 and background
Next by Date: Re: mail notification
Previous by thread: Re: What's sending "www 02/10/02:19.02 system check" messages
Next by thread: stopping the printer
Index(es):
- Date
- Thread