Hello peeps,
Is there's a way to exempt certain HOST/IP that syslogd logs.
Coz i have a whatsup that constantly monitors for the status of our
server's services ( ftp, www,dns,smtp,pop,etc). but then my problem is
that the log files of the services have entries of connection and
disconnection without any other action from the what's up client.
example of /var/log/maillog:
May 12 11:45:22 trinity sendmail[31908]: NOQUEUE: Null connection from
zeek [202.58.117.3]
May 12 11:45:22 trinity ipop3d[31909]: port 110 service init from
202.58.117.3
May 12 11:45:22 trinity ipop3d[31909]: Logout user=??? host=zeek
[202.58.117.3]
May 12 11:45:23 trinity imapd[31910]: imap service init from 202.58.117.3
May 12 11:45:23 trinity imapd[31910]: Logout user=??? host=zeek
[202.58.117.3]
.. the log shows connections and disconnections from host pc 'zeek'
; sort of like a port scan ; this tests simply tell whatsup that the
services are up and running. but then how do i tell syslogd not to log
these connections ? ( from a specific host )
--
m i c h a e l v i n c e n t p o z o n
:: [EMAIL PROTECTED] ::
---------------------------------------------------------------
HPS Software & Communication Corp. ICQ : 1413343
Pilipino Internet Cebu office : (+63)(32) 3447847
Systems/Network Administrator home : (+63)(32) 3446427
CCNA,CCDA - - - - - - - - - - - - cell : (+63) 917-3276966
- - - - - - - - - - - - - - - - - http://mikevince.tripod.com
-====---====---====---====---====---====---====---====---====---====---====-
to unsubscribe email "unsubscribe linux-admin" to [EMAIL PROTECTED]
See the linux-admin FAQ: http://www.kalug.lug.net/linux-admin-FAQ/
