Logo

  • Register
  • | Login
  • Facebook
  • Twitter
  • Gplus
  • Linkedin

Our forum Area

Results 1 to 5 of 5

This is a discussion on Clean your /var/log/messages, move ftp logs to /var/log/ftp in the Dedicated Servers forum
The server monitors the various processes if they are alive or not. In order to check the ftp server is alive, it connects to it ...

  1. #1
    Loyal Client thisisit3's Avatar
    Join Date
    Mar 2007
    Posts
    717

    Clean your /var/log/messages, move ftp logs to /var/log/ftp

    The server monitors the various processes if they are alive or not. In order to check the ftp server is alive, it connects to it about every 8 minutes and then promptly disconnects. As a result, the /var/log/messages is filled with:

    Code:
    Mar 24 08:46:25 deed pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Mar 24 08:46:25 deed pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Mar 24 08:54:49 deed pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Mar 24 08:54:49 deed pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Mar 24 09:03:11 deed pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Mar 24 09:03:11 deed pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Mar 24 09:11:34 deed pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Mar 24 09:11:34 deed pure-ftpd: (?@127.0.0.1) [INFO] Logout.
    Which fills up your /var/log/messages with that garbage and you may miss something important. Here is a solution to solve the problem:

    STEP 1

    Edit your /etc/syslog.conf and:

    Code:
    change this:
    *.info;mail.none;authpriv.none;cron.none       -/var/log/messages
    
    into this:
    *.info;mail.none;authpriv.none;cron.none;ftp.none       -/var/log/messages
    
    at the end of the file, add this:
    ftp.*                                                   -/var/log/ftp
    STEP 2

    Now, edit your /etc/logrotate.d/syslog and:

    Code:
    change this:
    /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron {
    
    into this:
    /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron /var/log/ftp {
    STEP 3

    Now execute the following command, in order to restart syslogd for the changes to take effect:

    Code:
    service syslog restart
    Now all ftp related messages go to /var/log/ftp instead of /var/log/messages!


    PS:
    If you are running BFD with the rules i've created here, make sure you edit your /usr/local/bfd/rules/pure-ftpd file and change the line LP="/var/log/messages" to LP="/var/log/ftp".

    Another cool tip by thisisit3

  2. #2
    I need a coffee
    Join Date
    Jan 2007
    Location
    Serres, Greece
    Posts
    16
    Is cpanel "reads" /var/log/messages for calculating ftp traffic ?
    If someone do this will he has problems with cpanel traffic monitor or anything else?

  3. #3
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,665
    LoL!

    I think someone has a log fetish...
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL 2010

  4. #4
    I need a coffee
    Join Date
    Jan 2007
    Location
    Serres, Greece
    Posts
    16
    I am just curious, I dont know how cpanel/whm works exactly (or, at all...)

  5. #5

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •