The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to ignore Cp-Wrap messages in /var/log/secure

Discussion in 'Workarounds and Optimization' started by latinos986, Aug 26, 2010.

  1. latinos986

    latinos986 Member

    Joined:
    Jul 4, 2008
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Hi, in my secure.log I have tons of this lines:


    Aug 26 04:18:18 venus Cp-Wrap[13895]: Pushing "47 GETDISKUSED xxxxxxxx.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47
    Aug 26 04:18:18 venus Cp-Wrap[13895]: CP-Wrapper terminated without error


    I would like to ignore those lines, I've readed in the forum about edit /etc/log.d/conf/services/secure.conf file, but I don't have this file

    Anybody has an idea about what should I do? tnks in advance.

    I'm using:
    CENTOS 5.5 x86_64 virtuozzo
    cPanel 11.25.0-S46156 - WHM 11.25.0 - X 3.9
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The described log entries are normal. Is there a specific reason that necessitates ignoring Cp-Wrap (CP-Wrapper) log messages (in "/var/log/secure")?

    What problem are you seeing exhibited, if any?
     
  3. TexasCellNet

    TexasCellNet Registered

    Joined:
    May 4, 2009
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    East Texas
    I too get a few of those lines....

    I get 7 Meg emails... That's an ungodly amount of Cp-Wrap lines:


    counting all the way to

    and then for some reason starting over at 313 and moving on
    counting all the way up and starting over at 302, wierd!

    all the way to the end:
    cPanel support said these errors are normal. No need to ignore, but I'd say 6 to 8 meg log files would be a reason to exclude the error msg, or better yet help me find the root issue, if one exists. I've been glancing over the forums for a year now and have found no help. Anybody got an answer?:confused:
     
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Customize system logwatch configuration to ignore specific services

    Please note that the reported message is not an error; however, if you are receiving e-mails from the system utility "logwatch" then I believe you may be able to ignore certain log entries by adjusting the appropriate logwatch configuration file(s). For RHEL4/CentOS4, having logwatch ignore the service appeared to work as reported in this older thread: Logwatch Full of CP-Wrap messages - cPanel Forums

    The following steps should help if you need to have logwatch ignore "Cp-Wrap" log entries in /var/log/secure:
    • For RHEL4/CentOS4:
      1. Verify if logwatch is installed and install if needed:
        Code:
        # rpm -q logwatch
        # /scripts/ensurerpm logwatch
      2. Locate appropriate configuration file:
        Code:
        /etc/log.d/conf/services/secure.conf
      3. Open configuration file, look for a line like the following:
        Code:
        $ignore_services = sshd Pluto stunnel proftpd
      4. Edit to append an additional ignored service:
        Code:
        $ignore_services = sshd Pluto stunnel proftpd Cp-Wrap
      5. Save changes and then wait to check the content of future logwatch e-mails.
    • For RHEL5/CentOS5:
      1. Verify if logwatch is installed and install if needed:
        Code:
        # rpm -q logwatch
        # /scripts/ensurerpm logwatch
      2. Locate appropriate configuration file:
        Code:
        /etc/logwatch/conf/services/secure.conf
      3. If configuration file does not exist, create it by copying the default:
        Code:
        # cp -av /usr/share/logwatch/default.conf/services/secure.conf /etc/logwatch/conf/services/secure.conf
      4. Open configuration file, look for a line like the following:
        Code:
        $ignore_services = sshd Pluto stunnel proftpd saslauthd imapd
      5. Edit to append an additional ignored service:
        Code:
        $ignore_services = sshd Pluto stunnel proftpd saslauthd imapd Cp-Wrap
      6. Save changes and then wait to check the content of future logwatch e-mails.
     
  5. density5

    density5 Member

    Joined:
    Aug 9, 2010
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
  6. MaraBlue

    MaraBlue Well-Known Member

    Joined:
    May 3, 2005
    Messages:
    335
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Carmichael, CA
    cPanel Access Level:
    Root Administrator
    Both methods have the same results. One isn't necessarily better than the other, and there is NOTHING important about seeing Cp-Wrap in the log files.
     
Loading...
Similar Threads - ignore Wrap messages
  1. cosmin
    Replies:
    3
    Views:
    209

Share This Page