• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Plesk and Logwatch

J

jochen35

New Pleskian
Hello,

on my VPS with Debian 7.0 and Plesk running 11.5.30 provides include the following.

Apache, Postfix, Courier-POP3, Courier-IMAP, SpamAssassin

For the user the following protocols or services are accessible via iptables.

https (not http), ftp, imap (ssl only) smtp, smtps

Now I have installed on the VPS Logwatch, but the reports are obviously not complete, it obviously lacks the logs for https, smtp, imap and smtps sessions and also I always have a lot of "Unmatched Entries" for proftpd.

What I have possibly missed?

greeting
Jochen


/usr/share/logwatch/default.conf/logwatch.conf
Code: 
LogDir = /var/log
TmpDir = /var/cache/logwatch
Output = stdout
Format = text
Encode = none
MailTo = root
MailFrom = Logwatch
Range = yesterday
Detail = Low
Service = All
Service = "-zz-network"
Service = "-zz-sys"
Service = "-eximstats"
mailer = "/usr/sbin/sendmail -t"
/etc/cron.daily/00logwatch
Code: 
#!/bin/bash
test -x /usr/share/logwatch/scripts/logwatch.pl || exit 0
/usr/sbin/logwatch --output mail
Example-Report
Code: 
################### Logwatch 7.4.0 (05/02/12) ####################
Processing Initiated: Wed May 28 03:24:04 2014
Date Range Processed: yesterday
( 2014-May-27 )
Period is day.
Detail Level of Output: 10
Type of Output/Format: mail / text
Logfiles for Host: v12345.myhoster.de
##################################################################

--------------------- Cron Begin ------------------------

Commands Run:
User root:
[ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -ignore_readdir_race -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete: 48 Time(s)
/opt/psa/admin/bin/php -c '/opt/psa/admin/conf/php.ini' -dauto_prepend_file=sdk.php '/opt/psa/admin/plib/modules/plesk-mobile/scripts/push_worker.php': 144 Time(s)
[ -x /opt/psa/admin/sbin/backupmng ] && /opt/psa/admin/sbin/backupmng >/dev/null 2>&1: 96 Time(s)
cd / && run-parts --report /etc/cron.hourly: 24 Time(s)
test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ): 1 Time(s)
test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
User v12345:

---------------------- Cron End -------------------------


--------------------- httpd Begin ------------------------

0.02 MB transferred in 156 responses (1xx 0, 2xx 139, 3xx 0, 4xx 17, 5xx 0)
2 Content pages (0.00 MB),
154 Other (0.02 MB)

Attempts to use known hacks by 1 hosts were logged 15 time(s) from:
x.x.x.x: 15 Time(s)
^null$ 15 Time(s)

A total of 1 sites probed the server
x.x.x.x

Requests with error response codes
400 Bad Request
/: 2 Time(s)
408 Request Timeout
null: 15 Time(s)

---------------------- httpd End -------------------------


--------------------- pam_unix Begin ------------------------

cron:
Sessions Opened:
v12345: 576 Time(s)
root: 314 Time(s)

proftpd:
Unknown Entries:
session closed for user user123: 1524 Time(s)
session opened for user user123 by (uid=0): 1524 Time(s)

su:
Sessions Opened:
root -> popuser: 22 Time(s)
root -> v12345: 1 Time(s)


---------------------- pam_unix End -------------------------


--------------------- proftpd-messages Begin ------------------------


User FTP Logins:
x.x.x.x: user123 - 1501 Time(s)
x.x.x.x: user123 - 23 Time(s)

**Unmatched Entries**
pam_unix(proftpd:session): session opened for user user123 by (uid=0)
pam_unix(proftpd:session): session closed for user user123
pam_unix(proftpd:session): session opened for user user123 by (uid=0)
pam_unix(proftpd:session): session closed for user user123
pam_unix(proftpd:session): session opened for user user123 by (uid=0)
pam_unix(proftpd:session): session closed for user user123
pam_unix(proftpd:session): session opened for user user123 by (uid=0)
.
.
.

---------------------- proftpd-messages End -------------------------


--------------------- Disk Space Begin ------------------------

Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 80G 12G 69G 15% /
none 2.0G 4.0K 2.0G 1% /dev


---------------------- Disk Space End -------------------------


###################### Logwatch End #########################
 
You must log in or register to reply here.

Similar threads

W
Resolved FTP error not working
Replies
2
Views
411
WilliamGm
W
J
Resolved Logs and proFtpd
Replies
5
Views
1K
JuanCar
J
Dmytro
Issue Slave dns do not work on some servers
Replies
2
Views
541
Dmytro
Dmytro
A
Resolved Daily cronjob "email-security/scripts/sa-train-bayes.php" fails
Replies
7
Views
902
AvaDev
A
P
Question Drupal CMS 1.0 with Plesk: Composer PATH issue for automatic updates
Replies
7
Views
1K
horvan
H
Back
Top