Filtering out POP sessions from Attack Log

Brad

Well-Known Member
Aug 16, 2001
229
0
316
Our Alert log is approaching huge sizes everyday because all pop sessions are logged into the alert log.

How do I send these to /dev/null ?
 

taivu

Well-Known Member
Nov 22, 2001
65
0
306
Do you mean the daily system check messages sent to root?

Add to /etc/logcheck/logcheck.ignore:

cpanelpop.*Session Closed
 

Brad

Well-Known Member
Aug 16, 2001
229
0
316
Thats the one..

I will give that a shot..

Also, I'm being plagued now by DSN queries, probably from their old hosting account, they never use to be in there until recently and their are hundreds of them for the same domain each day.

client 202.32.55.34#33225: update 'theirdomain.com/IN' denied


Thank you!


[quote:efc88d14f7][i:efc88d14f7]Originally posted by taivu[/i:efc88d14f7]

Do you mean the daily system check messages sent to root?

Add to /etc/logcheck/logcheck.ignore:

cpanelpop.*Session Closed[/quote:efc88d14f7]
 

Brad

Well-Known Member
Aug 16, 2001
229
0
316
Yes, I read that too, thanks.

Without trying to go through all of that, I gave this a shot, not sure if it will work or not..

in:
/etc/logcheck/logcheck.ignore

I added:
named.*theirdomain.com


[quote:ee5d29bd06][i:ee5d29bd06]Originally posted by Juanra[/i:ee5d29bd06]

Give this a shot too:
http://forums.cpanel.net/read.php?TID=4310[/quote:ee5d29bd06]