The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Filtering out POP sessions from Attack Log

Discussion in 'General Discussion' started by Brad, Sep 13, 2002.

  1. Brad

    Brad Well-Known Member

    Joined:
    Aug 16, 2001
    Messages:
    231
    Likes Received:
    0
    Trophy Points:
    16
    Our Alert log is approaching huge sizes everyday because all pop sessions are logged into the alert log.

    How do I send these to /dev/null ?
     
  2. taivu

    taivu Well-Known Member

    Joined:
    Nov 22, 2001
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    Do you mean the daily system check messages sent to root?

    Add to /etc/logcheck/logcheck.ignore:

    cpanelpop.*Session Closed
     
  3. Brad

    Brad Well-Known Member

    Joined:
    Aug 16, 2001
    Messages:
    231
    Likes Received:
    0
    Trophy Points:
    16
    Thats the one..

    I will give that a shot..

    Also, I'm being plagued now by DSN queries, probably from their old hosting account, they never use to be in there until recently and their are hundreds of them for the same domain each day.

    client 202.32.55.34#33225: update 'theirdomain.com/IN' denied


    Thank you!


    [quote:efc88d14f7][i:efc88d14f7]Originally posted by taivu[/i:efc88d14f7]

    Do you mean the daily system check messages sent to root?

    Add to /etc/logcheck/logcheck.ignore:

    cpanelpop.*Session Closed[/quote:efc88d14f7]
     
  4. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Give this a shot too:
    http://forums.cpanel.net/read.php?TID=4310
     
  5. Brad

    Brad Well-Known Member

    Joined:
    Aug 16, 2001
    Messages:
    231
    Likes Received:
    0
    Trophy Points:
    16
    Yes, I read that too, thanks.

    Without trying to go through all of that, I gave this a shot, not sure if it will work or not..

    in:
    /etc/logcheck/logcheck.ignore

    I added:
    named.*theirdomain.com


    [quote:ee5d29bd06][i:ee5d29bd06]Originally posted by Juanra[/i:ee5d29bd06]

    Give this a shot too:
    http://forums.cpanel.net/read.php?TID=4310[/quote:ee5d29bd06]
     
Loading...

Share This Page