The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

syslog sending lot of Pushing "47 GETDISKUSED what is this???

Discussion in 'General Discussion' started by bsasninja, Jul 20, 2007.

  1. bsasninja

    bsasninja Well-Known Member

    Joined:
    Sep 2, 2004
    Messages:
    528
    Likes Received:
    0
    Trophy Points:
    16
    I´m getting a syslog of 5mb size and has a lot of lines like this:

    Cp-Wrap[28667]: CP-Wrapper terminated without error
    Cp-Wrap[28672]: Pushing "47 GETDISKUSED user domain.ext" to '/usr/local/cpanel/bin/eximadmin' for UID: 47

    what does it means and how can I remove this lines.

    Thanks
     
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    What is your OS?
     
  3. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    I'm getting a lot of these too...
    Cp-Wrap: CP-Wrapper terminated without error : 2551 Time(s)
    Cp-Wrap: Pushing "47 GETDISKUSED user domain.com" to '/usr/local/cpanel/bin/eximadmin' for UID: 47 : 13 Time(s)
    ... and so on every day ...

    WHM 11.2.0 cPanel 11.6.0-R15076
    CENTOS Enterprise 3.8 i686 - WHM X v3.1.0

    A quick search for GETDISKUSED here shows there's a few of us.
     
  4. neutro

    neutro Well-Known Member

    Joined:
    Apr 11, 2004
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    Count me in Centos 4.5 - bugging the server with GETDISKUSED
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Anything cPanel does that requires privilege escalation is now logged. If you do not want to see these messages, you should be able to use your syslog facilities to filter them out (raise the logging threshold for example).
     
  6. bsasninja

    bsasninja Well-Known Member

    Joined:
    Sep 2, 2004
    Messages:
    528
    Likes Received:
    0
    Trophy Points:
    16
    Where you modify that ?? I read /etc/syslog.conf but there is no threshold over there.

    Thanks
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,446
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I believe this is what you want.

    /etc/logcheck/ignore
     
  8. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    For me, that's at /etc/logwatch/conf/ignore.conf
     
  9. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Sorry. If I recall correctly, the threshold is a value like INFO, DEBUG, WARN, etc. The syslog manual should have a nice ordered list of those thresholds. I *think* the cPanel messages are logged at the INFO threshold,s o if you no longer want to see them, you would configure syslog to either not log anythign from cPanel at the INFO level, or globally raise the threshold to one that ignores INFO level messages.
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,446
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:

    Hmm, I have that one as well. I went by some old notes I had from conversations with chirpy about this issue a few years ago.

    Thanks.
     
  11. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    IIRC, I updated logwatch 6-8 months ago. Maybe the file locations were changed then.
     
  12. Bdzzld

    Bdzzld Well-Known Member

    Joined:
    Apr 3, 2004
    Messages:
    356
    Likes Received:
    1
    Trophy Points:
    18
    The /etc/logwatch/conf/ignore.conf file expects a regular expression.
    Because I'm not that familiair with regular expressions, what line should be added to neglect lines with :

    Code:
    Pushing "47 GETDISKUSED
    or just

    Code:
    GETDISKUSED
    from the Logwatch output ?

    Thanks.
     
  13. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Even though I find myself using Regexs a lot, I still can forget some things. While I don't want to endorse any particular website - I will say an Internet search for "Regex Cheat Sheet" will yield useful results. Just ignore the results for .NET Regex.
     
  14. Bdzzld

    Bdzzld Well-Known Member

    Joined:
    Apr 3, 2004
    Messages:
    356
    Likes Received:
    1
    Trophy Points:
    18
    Hi cPanelDavidG,

    Thanks for the suggestion.

    Before I go struggle with Regular Expressions. Does anyone already have a working version? And if so, what did you add to the /etc/logwatch/conf/ignore.conf file?

    Thanks.
     
  15. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi! I signed up this forum looking for info about this topic.

    I'm annoyed with the high load of data containing the string Pushing "47 GETDISKUSED and found at the above link a posible solution:
    http://www.webhostingtalk.com/archive/index.php/t-645461.html

    Although it didn't work. I finally examined the source code of the logwatch executable and didn't find any references to the reading of a ignore.conf file! It is actually ignoring the ignore.conf file!

    is there any solution available? contacting the authors?
     
  16. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    Meanwhile... back in 2010, running the latest Release tree... I found that adding:

    Code:
    ^Cp-Wrap.*?Pushing .*?GETDISKUSED.*?UID: 47
    ^Cp-Wrap.*?CP-Wrapper terminated without error
    
    to /etc/logwatch/conf/ignore.conf does indeed stop all of those annoying messages. My daily logwatch file has shrunk from 200k+ to 23k.
     
  17. kernow

    kernow Well-Known Member

    Joined:
    Jul 23, 2004
    Messages:
    865
    Likes Received:
    9
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Great ! Thanks for the tip :)
     
  18. spritorox

    spritorox Member

    Joined:
    May 28, 2010
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    i think this logs are system calls, and nothing more. i have a lots of this logs, and the server work fine.
     
Loading...

Share This Page