[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Strange entries in apache/access.log

On Thu, Jan 27, 2005 at 03:41:51PM -0500, Andrew Alsup wrote:
> Is it normal to see 'ypbind' and 'sudo' entries in the /var/log/apache/access.log file?  I have tcpspy enabled and I see entries for it as well.  Here's a sample of what I've got:
> Jan 27 15:32:48 localhost ypbind[434]: broadcast: RPC: Timed out.
> Jan 27 15:32:54 localhost sudo: andy : TTY=pts/2 ; PWD=/var/log/apache ; USER=root ; COMMAND=/usr/bin/vi access.log
> These are things I would expect to see the the syslog file, not in the apache access.log.  I think I've got something dorked up somewhere.  I'm trying to get webalizer working, and when it choked and said 'No valid log entries', I decided to look at the contents of the file.  Yuck.
> Can anyone help?
> Thank,
> Andy
Hi Andy,

/etc/syslog.conf states where which system log messages should go. There
should be no occurrence of /var/log/apache/ files in there (because
apache doesn't log via syslog, but has its own logging facility),
but it might have accidentally slipped in.
Replace any /var/log/apache/ - entries in /etc/syslog.conf with some-
thing appropriate (/var/log/syslog, /var/log/debug, /var/log/messages ...).


Jan C. Nordholz
<jckn At gmx net>

Attachment: signature.asc
Description: Digital signature

Reply to: