Comparing Logwatch Report Contents by Detail Level ♪


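Summary: comparison of Logwatch report output

| No | Item | Low | Med | High |
|----|------|-----|-----|------|
| 1 | Cron | None | Present | Present |
| 2 | httpd | No transfer volume or attack data | Transfer volume and attack data | Transfer volume, attack data, and attack details |
| 3 | httpd | No ROBOT access | ROBOT access count | ROBOT access count and details |
| 4 | pam_unix | No sshd session-open information | sshd session-open information | sshd session-open information |
| 5 | Connections (secure-log) | - | - | - |
| 6 | sendmail | None | Summary | Summary and details |
| 7 | SSHD | No IP address on Received disconnect | IP address on Received disconnect | IP address on Received disconnect |
| 8 | Disk Space | - | - | - |

Rows marked "-" showed no differences.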

I set Detail, the setting that controls how detailed the Logwatch report is, to Low, Med, and High, and compared the contents of each.

Here are the example reports the comparison is based on ♪

Detail = Low

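Compared with Med and High, the Low report differed as follows ♪

  • Cron does not appear
  • ROBOT access does not appear under httpd
  • sshd session-open information does not appear under pam_unix
  • sendmail does not appear
  • The SSHD disconnect information does not include the IP address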

[root@oki2a24 tmp]# logwatch --print

 ################### Logwatch 7.3 (03/24/06) #################### 
        Processing Initiated: Thu Nov 21 22:10:12 2013
        Date Range Processed: yesterday
                              ( 2013-Nov-20 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: oki2a24.com
  ################################################################## 

 --------------------- httpd Begin ------------------------ 

 A total of 1 sites probed the server 
    66.249.80.114

 A total of 1 possible successful probes were detected (the following URLs
 contain strings that match one or more of a listing of strings that
 indicate a possible exploit):

    /?option=com_userstatus&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200 

 Requests with error response codes
    400 Bad Request
       /wp-content/themes/kernel/style.css: 1 Time(s)
    403 Forbidden
       /wp-content/plugins/jetpack/_inc/: 1 Time(s)
    404 Not Found
       /++liker.profile_URL++: 4 Time(s)
       /04/24/many-deep-fried-shrimps-don-263/%2B ... profile_URL+%2B: 4 Time(s)
       /05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
       /06/27/do-install-ssl-server-certificate-w ... profile_URL+%2B: 4 Time(s)
       /07/26/how-to-show-db-data-of-cakephp-with ... r.profile_URL++: 4 Time(s)
       /08/10/sutdy-to-make-boards-app-with-cakep ... r.profile_URL++: 6 Time(s)
       /08/24/how-to-set-php-ini-date-timezone/%2 ... profile_URL+%2B: 4 Time(s)
       /08/31/memo-of-how-to-program-user-edit-pa ... r.profile_URL++: 4 Time(s)
       /10/18/how-to-check-cookie-secure-with-chr ... profile_URL+%2B: 4 Time(s)
       /10/19/delete-cookie-as-a-first-step/%2B+l ... profile_URL+%2B: 4 Time(s)
       /2012/03/12/install-php-latest/http:/widge ... l?ver=20130620a: 1 Time(s)
       /2012/04/09/register: 1 Time(s)
       /2012/04/24/many-deep-fried-shrimps-don-26 ... profile_URL+%2B: 4 Time(s)
       /2012/06/05/cannot-receive-points-from-mai ... ts/?share=email: 1 Time(s)
       /2012/06/11/fix-garbled-characters-when-co ... nto-qr-c%20ode/: 1 Time(s)
       /2012/07/26/how-to-show-db-data-of-cakephp ... r.profile_URL++: 4 Time(s)
       /2012/08/07/study-validation-of-cakephp/ht ... l?ver=20130620a: 1 Time(s)
       /2012/08/10/sutdy-to-make-boards-app-with- ... r.profile_URL++: 6 Time(s)
       /2012/08/13/how-to-set-eclipse-4-juno-for- ... l?ver=20130620a: 1 Time(s)
       /2012/08/14/how-to-setup-cakephp2-easily-i ... l?ver=20130620a: 1 Time(s)
       /2012/08/24/how-to-set-php-ini-date-timezo ... profile_URL+%2B: 4 Time(s)
       /2012/08/31/memo-of-how-to-program-user-ed ... r.profile_URL++: 4 Time(s)
       /2012/09/05/how-to-use-mailto-link/http:/w ... l?ver=20130620a: 1 Time(s)
       /2012/09/14/how-to-make-excel-csv-from-mys ... l?ver=20130620a: 1 Time(s)
       /2012/10/22/resize-mp3-file-smaller-with-itunes/undefined: 1 Time(s)
       /2012/11/15/free-picasa-webalubum/http:/wi ... l?ver=20130620a: 1 Time(s)
       /2012/11/20/move-itunes-library-from-windo ... l?ver=20130620a: 1 Time(s)
       /2012/12/25/how-to-burn-on-mac-os-x-10-8-2 ... l?ver=20130620a: 1 Time(s)
       /2013/01/07/how-to-print-your-image-to-new ... l?ver=20130620a: 1 Time(s)
       /2013/02/13/set-php-error-log/http:/widget ... l?ver=20130620a: 1 Time(s)
       /2013/04/02/add-external-drive-for-time-ma ... l?ver=20130620a: 1 Time(s)
       /2013/04/06/why-freeze-13-macbook-pro-reti ... l?ver=20130620a: 1 Time(s)
       /2013/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
       /2013/06/27/do-install-ssl-server-certific ... profile_URL+%2B: 4 Time(s)
       /2013/06/page/4/: 1 Time(s)
       /2013/10/18/how-to-check-cookie-secure-wit ... profile_URL+%2B: 4 Time(s)
       /2013/10/19/delete-cookie-as-a-first-step/ ... profile_URL+%2B: 4 Time(s)
       /2013/10/page/2/+%E3%81%93%E3%81%AE%E6%96% ... l=zh-TW&ct=clnk: 6 Time(s)
       /2013/10/page/2/+%E9%8A%87%E6%92%B1%E4%BC% ... l=zh-TW&ct=clnk: 1 Time(s)
       /2013/11/08/zabbix-mysql/+%E9%96%B9%EE%88% ... l=zh-TW&ct=clnk: 2 Time(s)
       /?author=2: 1 Time(s)
       /?author=3: 1 Time(s)
       /?author=4: 1 Time(s)
       /?author=5: 1 Time(s)
       /MyAdmin/scripts/setup.php: 1 Time(s)
       /administrator/: 1 Time(s)
       /apple-touch-icon-114x114-precomposed.png: 1 Time(s)
       /apple-touch-icon-114x114.png: 1 Time(s)
       /apple-touch-icon-120x120-precomposed.png: 3 Time(s)
       /apple-touch-icon-120x120.png: 3 Time(s)
       /apple-touch-icon-precomposed.png: 9 Time(s)
       /apple-touch-icon.png: 17 Time(s)
       /author/adoki2a24min/page/3/+%E3%81%93%E3% ... l=zh-TW&ct=clnk: 2 Time(s)
       /browserconfig.xml: 1 Time(s)
       /favicon.gif: 1 Time(s)
       /fonts.googleapis.com/css?family=Source+Sa ... ter%3A400%2C700: 1 Time(s)
       /invoker/EJBInvokerServlet/: 1 Time(s)
       /mwg-internal/de5fs23hu73ds/files/javascript/sw.js: 2 Time(s)
       /myadmin/scripts/setup.php: 1 Time(s)
       /phpMyAdmin/scripts/setup.php: 1 Time(s)
       /phpmyadmin/scripts/setup.php: 1 Time(s)
       /pma/scripts/setup.php: 2 Time(s)
       /tag/%E3%EF%BF%BD%A2%E3%EF%BF%BD%AD%E3%EF% ... E3%EF%BF%BD%A2/: 1 Time(s)
       /tag/%E3%EF%BF%BD%B7%E3%EF%BF%BD%BC%E3%EF% ... E3%EF%BF%BD%BC/: 1 Time(s)
       /tag/%E3%EF%BF%BD%EF%BF%BD%E3%EF%BF%BD%A9% ... E3%EF%BF%BD%B3/: 1 Time(s)
       /tag/%E5%8D%EF%BF%BD%E5%EF%BF%BD%EF%BF%BD% ... E5%EF%BF%BD%A8/: 1 Time(s)
       /tag/ab/: 1 Time(s)
       /tag/e58d8ae9a18de5bc81e5bd93/: 1 Time(s)
       /w00tw00t.at.blackhats.romanian.anti-sec:): 2 Time(s)
       /wp-content/plugins/jetpack/_inc/target_url: 1 Time(s)
       /wp-content/plugins/jetpack/_inc/window.location.href: 1 Time(s)
       /wp-content/plugins/jetpack/modules/shared ... ROOT/sprite.png: 1 Time(s)
       /wp-content/plugins/wp-syntaxhighlighter/s ... ader.js?ver=3.0: 1 Time(s)

 ---------------------- httpd End ------------------------- 

 --------------------- pam_unix Begin ------------------------ 

 su-l:
    Sessions Opened:
       user1(uid=500) -> root: 2 Time(s)

 ---------------------- pam_unix End ------------------------- 

 --------------------- Connections (secure-log) Begin ------------------------ 

 New Users:
    zabbix (100)

 New Groups:
    zabbix (101)

 ---------------------- Connections (secure-log) End ------------------------- 

 --------------------- SSHD Begin ------------------------ 

 Users logging in through sshd:
    user1:
       222.111.999.888 (888.999.111.222.dd.example.com): 2 times

 Received disconnect:
    11: disconnected by user : 1 Time(s)

 ---------------------- SSHD End ------------------------- 

 --------------------- yum Begin ------------------------ 

 Packages Installed:
    fping-3.6-1.el5.rf.i386
    unixODBC-libs-2.2.11-10.el5.i386
    iksemel-1.4-2.el5.i386
    ipa-pgothic-fonts-003.02-3.1.el5.noarch
    zabbix-server-mysql-2.0.9-1.el5.i386
    zabbix-web-2.0.9-1.el5.i386
    zabbix-web-mysql-2.0.9-1.el5.i386
    zabbix-2.0.9-1.el5.i386
    zabbix-web-japanese-2.0.9-1.el5.i386
    OpenIPMI-libs-2.0.16-16.el5.i386
    fontconfig-2.4.1-7.el5.i386
    php-bcmath-5.4.22-1.el5.remi.i386
    zabbix-server-2.0.9-1.el5.i386
    unixODBC-2.2.11-10.el5.i386

 ---------------------- yum End ------------------------- 

 --------------------- Disk Space Begin ------------------------ 

 Filesystem            Size  Used Avail Use% Mounted on
 /dev/simfs             50G  1.7G   49G   4% /

 ---------------------- Disk Space End ------------------------- 

 ###################### Logwatch End ######################### 

 [root@oki2a24 tmp]#

Detail = Med

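  • Cron appears
  • httpd shows transfer volume and attack information, but not attack details
  • httpd shows ROBOT access information, but not the details
  • sshd session-open information appears
  • The sendmail summary appears, but not the details
  • The SSHD Received disconnect entry includes the IP address

As listed above, the content sits halfway between Low and High ♪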

[root@oki2a24 tmp]# logwatch --print

 ################### Logwatch 7.3 (03/24/06) #################### 
        Processing Initiated: Thu Nov 21 22:06:54 2013
        Date Range Processed: yesterday
                              ( 2013-Nov-20 )
                              Period is day.
      Detail Level of Output: 5
              Type of Output: unformatted
           Logfiles for Host: oki2a24.com
  ################################################################## 

 --------------------- Cron Begin ------------------------ 

 Commands Run:
    User root:
       /usr/lib/sa/sa1 1 1: 144 Time(s)
       /usr/lib/sa/sa2 -A: 1 Time(s)
       run-parts /etc/cron.daily: 1 Time(s)
       run-parts /etc/cron.hourly: 24 Time(s)

 ---------------------- Cron End ------------------------- 

 --------------------- httpd Begin ------------------------ 

 252.01 MB transferred in 53826 responses  (1xx 0, 2xx 48891, 3xx 4761, 4xx 174, 5xx 0) 
    16997 Images (41.55 MB),
        1 Documents (0.01 MB),
        1 Archives (0.02 MB),
    35954 Content pages (204.68 MB),
      348 Redirects (0.00 MB),
       56 Fonts (0.47 MB),
      469 Other (5.29 MB) 

 Attempts to use known hacks by 1 hosts were logged 1 time(s) from:
    66.249.80.114: 1 Time(s)

 A total of 1 sites probed the server 
    66.249.80.114

 A total of 1 possible successful probes were detected (the following URLs
 contain strings that match one or more of a listing of strings that
 indicate a possible exploit):

    /?option=com_userstatus&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200 

 Requests with error response codes
    400 Bad Request
       /wp-content/themes/kernel/style.css: 1 Time(s)
    403 Forbidden
       /wp-content/plugins/jetpack/_inc/: 1 Time(s)
    404 Not Found
       /++liker.profile_URL++: 4 Time(s)
       /04/24/many-deep-fried-shrimps-don-263/%2B ... profile_URL+%2B: 4 Time(s)
       /05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
       /06/27/do-install-ssl-server-certificate-w ... profile_URL+%2B: 4 Time(s)
       /07/26/how-to-show-db-data-of-cakephp-with ... r.profile_URL++: 4 Time(s)
       /08/10/sutdy-to-make-boards-app-with-cakep ... r.profile_URL++: 6 Time(s)
       /08/24/how-to-set-php-ini-date-timezone/%2 ... profile_URL+%2B: 4 Time(s)
       /08/31/memo-of-how-to-program-user-edit-pa ... r.profile_URL++: 4 Time(s)
       /10/18/how-to-check-cookie-secure-with-chr ... profile_URL+%2B: 4 Time(s)
       /10/19/delete-cookie-as-a-first-step/%2B+l ... profile_URL+%2B: 4 Time(s)
       /2012/03/12/install-php-latest/http:/widge ... l?ver=20130620a: 1 Time(s)
       /2012/04/09/register: 1 Time(s)
       /2012/04/24/many-deep-fried-shrimps-don-26 ... profile_URL+%2B: 4 Time(s)
       /2012/06/05/cannot-receive-points-from-mai ... ts/?share=email: 1 Time(s)
       /2012/06/11/fix-garbled-characters-when-co ... nto-qr-c%20ode/: 1 Time(s)
       /2012/07/26/how-to-show-db-data-of-cakephp ... r.profile_URL++: 4 Time(s)
       /2012/08/07/study-validation-of-cakephp/ht ... l?ver=20130620a: 1 Time(s)
       /2012/08/10/sutdy-to-make-boards-app-with- ... r.profile_URL++: 6 Time(s)
       /2012/08/13/how-to-set-eclipse-4-juno-for- ... l?ver=20130620a: 1 Time(s)
       /2012/08/14/how-to-setup-cakephp2-easily-i ... l?ver=20130620a: 1 Time(s)
       /2012/08/24/how-to-set-php-ini-date-timezo ... profile_URL+%2B: 4 Time(s)
       /2012/08/31/memo-of-how-to-program-user-ed ... r.profile_URL++: 4 Time(s)
       /2012/09/05/how-to-use-mailto-link/http:/w ... l?ver=20130620a: 1 Time(s)
       /2012/09/14/how-to-make-excel-csv-from-mys ... l?ver=20130620a: 1 Time(s)
       /2012/10/22/resize-mp3-file-smaller-with-itunes/undefined: 1 Time(s)
       /2012/11/15/free-picasa-webalubum/http:/wi ... l?ver=20130620a: 1 Time(s)
       /2012/11/20/move-itunes-library-from-windo ... l?ver=20130620a: 1 Time(s)
       /2012/12/25/how-to-burn-on-mac-os-x-10-8-2 ... l?ver=20130620a: 1 Time(s)
       /2013/01/07/how-to-print-your-image-to-new ... l?ver=20130620a: 1 Time(s)
       /2013/02/13/set-php-error-log/http:/widget ... l?ver=20130620a: 1 Time(s)
       /2013/04/02/add-external-drive-for-time-ma ... l?ver=20130620a: 1 Time(s)
       /2013/04/06/why-freeze-13-macbook-pro-reti ... l?ver=20130620a: 1 Time(s)
       /2013/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
       /2013/06/27/do-install-ssl-server-certific ... profile_URL+%2B: 4 Time(s)
       /2013/06/page/4/: 1 Time(s)
       /2013/10/18/how-to-check-cookie-secure-wit ... profile_URL+%2B: 4 Time(s)
       /2013/10/19/delete-cookie-as-a-first-step/ ... profile_URL+%2B: 4 Time(s)
       /2013/10/page/2/+%E3%81%93%E3%81%AE%E6%96% ... l=zh-TW&ct=clnk: 6 Time(s)
       /2013/10/page/2/+%E9%8A%87%E6%92%B1%E4%BC% ... l=zh-TW&ct=clnk: 1 Time(s)
       /2013/11/08/zabbix-mysql/+%E9%96%B9%EE%88% ... l=zh-TW&ct=clnk: 2 Time(s)
       /?author=2: 1 Time(s)
       /?author=3: 1 Time(s)
       /?author=4: 1 Time(s)
       /?author=5: 1 Time(s)
       /MyAdmin/scripts/setup.php: 1 Time(s)
       /administrator/: 1 Time(s)
       /apple-touch-icon-114x114-precomposed.png: 1 Time(s)
       /apple-touch-icon-114x114.png: 1 Time(s)
       /apple-touch-icon-120x120-precomposed.png: 3 Time(s)
       /apple-touch-icon-120x120.png: 3 Time(s)
       /apple-touch-icon-precomposed.png: 9 Time(s)
       /apple-touch-icon.png: 17 Time(s)
       /author/adoki2a24min/page/3/+%E3%81%93%E3% ... l=zh-TW&ct=clnk: 2 Time(s)
       /browserconfig.xml: 1 Time(s)
       /favicon.gif: 1 Time(s)
       /fonts.googleapis.com/css?family=Source+Sa ... ter%3A400%2C700: 1 Time(s)
       /invoker/EJBInvokerServlet/: 1 Time(s)
       /mwg-internal/de5fs23hu73ds/files/javascript/sw.js: 2 Time(s)
       /myadmin/scripts/setup.php: 1 Time(s)
       /phpMyAdmin/scripts/setup.php: 1 Time(s)
       /phpmyadmin/scripts/setup.php: 1 Time(s)
       /pma/scripts/setup.php: 2 Time(s)
       /tag/%E3%EF%BF%BD%A2%E3%EF%BF%BD%AD%E3%EF% ... E3%EF%BF%BD%A2/: 1 Time(s)
       /tag/%E3%EF%BF%BD%B7%E3%EF%BF%BD%BC%E3%EF% ... E3%EF%BF%BD%BC/: 1 Time(s)
       /tag/%E3%EF%BF%BD%EF%BF%BD%E3%EF%BF%BD%A9% ... E3%EF%BF%BD%B3/: 1 Time(s)
       /tag/%E5%8D%EF%BF%BD%E5%EF%BF%BD%EF%BF%BD% ... E5%EF%BF%BD%A8/: 1 Time(s)
       /tag/ab/: 1 Time(s)
       /tag/e58d8ae9a18de5bc81e5bd93/: 1 Time(s)
       /w00tw00t.at.blackhats.romanian.anti-sec:): 2 Time(s)
       /wp-content/plugins/jetpack/_inc/target_url: 1 Time(s)
       /wp-content/plugins/jetpack/_inc/window.location.href: 1 Time(s)
       /wp-content/plugins/jetpack/modules/shared ... ROOT/sprite.png: 1 Time(s)
       /wp-content/plugins/wp-syntaxhighlighter/s ... ader.js?ver=3.0: 1 Time(s)

 A total of 21 ROBOTS were logged 

 ---------------------- httpd End ------------------------- 

 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Sessions Opened:
       user1: 2 Time(s)

 su-l:
    Sessions Opened:
       user1(uid=500) -> root: 2 Time(s)

 ---------------------- pam_unix End ------------------------- 

 --------------------- Connections (secure-log) Begin ------------------------ 

 New Users:
    zabbix (100)

 New Groups:
    zabbix (101)

 ---------------------- Connections (secure-log) End ------------------------- 

 --------------------- sendmail Begin ------------------------ 

 STATISTICS
 ----------

 Bytes Transferred:      62060
 Messages Processed:     7
 Addressed Recipients:   7

 ---------------------- sendmail End ------------------------- 

 --------------------- SSHD Begin ------------------------ 

 Users logging in through sshd:
    user1:
       222.111.999.888 (888.999.111.222.dd.example.com): 2 times

 Received disconnect:
    11: disconnected by user
       222.111.999.888 : 1 Time(s)

 ---------------------- SSHD End ------------------------- 

 --------------------- yum Begin ------------------------ 

 Packages Installed:
    fping-3.6-1.el5.rf.i386
    unixODBC-libs-2.2.11-10.el5.i386
    iksemel-1.4-2.el5.i386
    ipa-pgothic-fonts-003.02-3.1.el5.noarch
    zabbix-server-mysql-2.0.9-1.el5.i386
    zabbix-web-2.0.9-1.el5.i386
    zabbix-web-mysql-2.0.9-1.el5.i386
    zabbix-2.0.9-1.el5.i386
    zabbix-web-japanese-2.0.9-1.el5.i386
    OpenIPMI-libs-2.0.16-16.el5.i386
    fontconfig-2.4.1-7.el5.i386
    php-bcmath-5.4.22-1.el5.remi.i386
    zabbix-server-2.0.9-1.el5.i386
    unixODBC-2.2.11-10.el5.i386

 ---------------------- yum End ------------------------- 

 --------------------- Disk Space Begin ------------------------ 

 Filesystem            Size  Used Avail Use% Mounted on
 /dev/simfs             50G  1.7G   49G   4% /

 ---------------------- Disk Space End ------------------------- 

 ###################### Logwatch End ######################### 

 [root@oki2a24 tmp]#

Detail = High

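  • Cron appears
  • httpd shows transfer volume, attack information, and attack details
  • httpd shows ROBOT access information and details
  • sshd session-open information appears
  • The sendmail summary and details appear
  • The SSHD Received disconnect entry includes the IP address

This is the most detailed setting, so all of the information that Low and Med left out was displayed ♪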

[root@oki2a24 tmp]# logwatch --print

 ################### Logwatch 7.3 (03/24/06) #################### 
        Processing Initiated: Thu Nov 21 22:01:54 2013
        Date Range Processed: yesterday
                              ( 2013-Nov-20 )
                              Period is day.
      Detail Level of Output: 10
              Type of Output: unformatted
           Logfiles for Host: oki2a24.com
  ################################################################## 

 --------------------- Cron Begin ------------------------ 

 Commands Run:
    User root:
       /usr/lib/sa/sa1 1 1: 144 Time(s)
       /usr/lib/sa/sa2 -A: 1 Time(s)
       run-parts /etc/cron.daily: 1 Time(s)
       run-parts /etc/cron.hourly: 24 Time(s)

 ---------------------- Cron End ------------------------- 

 --------------------- httpd Begin ------------------------ 

 252.01 MB transferred in 53826 responses  (1xx 0, 2xx 48891, 3xx 4761, 4xx 174, 5xx 0) 
    16997 Images (41.55 MB),
        1 Documents (0.01 MB),
        1 Archives (0.02 MB),
    35954 Content pages (204.68 MB),
      348 Redirects (0.00 MB),
       56 Fonts (0.47 MB),
      469 Other (5.29 MB) 

 Attempts to use known hacks by 1 hosts were logged 1 time(s) from:
    66.249.80.114: 1 Time(s)
       /\.\./\.\./\.\./ 1 Time(s) 

 A total of 1 sites probed the server 
    66.249.80.114

 A total of 1 possible successful probes were detected (the following URLs
 contain strings that match one or more of a listing of strings that
 indicate a possible exploit):

    /?option=com_userstatus&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200 

 Requests with error response codes
    400 Bad Request
       /wp-content/themes/kernel/style.css: 1 Time(s)
    403 Forbidden
       /wp-content/plugins/jetpack/_inc/: 1 Time(s)
    404 Not Found
       /++liker.profile_URL++: 4 Time(s)
       /04/24/many-deep-fried-shrimps-don-263/%2B ... profile_URL+%2B: 4 Time(s)
       /05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
       /06/27/do-install-ssl-server-certificate-w ... profile_URL+%2B: 4 Time(s)
       /07/26/how-to-show-db-data-of-cakephp-with ... r.profile_URL++: 4 Time(s)
       /08/10/sutdy-to-make-boards-app-with-cakep ... r.profile_URL++: 6 Time(s)
       /08/24/how-to-set-php-ini-date-timezone/%2 ... profile_URL+%2B: 4 Time(s)
       /08/31/memo-of-how-to-program-user-edit-pa ... r.profile_URL++: 4 Time(s)
       /10/18/how-to-check-cookie-secure-with-chr ... profile_URL+%2B: 4 Time(s)
       /10/19/delete-cookie-as-a-first-step/%2B+l ... profile_URL+%2B: 4 Time(s)
       /2012/03/12/install-php-latest/http:/widge ... l?ver=20130620a: 1 Time(s)
       /2012/04/09/register: 1 Time(s)
       /2012/04/24/many-deep-fried-shrimps-don-26 ... profile_URL+%2B: 4 Time(s)
       /2012/06/05/cannot-receive-points-from-mai ... ts/?share=email: 1 Time(s)
       /2012/06/11/fix-garbled-characters-when-co ... nto-qr-c%20ode/: 1 Time(s)
       /2012/07/26/how-to-show-db-data-of-cakephp ... r.profile_URL++: 4 Time(s)
       /2012/08/07/study-validation-of-cakephp/ht ... l?ver=20130620a: 1 Time(s)
       /2012/08/10/sutdy-to-make-boards-app-with- ... r.profile_URL++: 6 Time(s)
       /2012/08/13/how-to-set-eclipse-4-juno-for- ... l?ver=20130620a: 1 Time(s)
       /2012/08/14/how-to-setup-cakephp2-easily-i ... l?ver=20130620a: 1 Time(s)
       /2012/08/24/how-to-set-php-ini-date-timezo ... profile_URL+%2B: 4 Time(s)
       /2012/08/31/memo-of-how-to-program-user-ed ... r.profile_URL++: 4 Time(s)
       /2012/09/05/how-to-use-mailto-link/http:/w ... l?ver=20130620a: 1 Time(s)
       /2012/09/14/how-to-make-excel-csv-from-mys ... l?ver=20130620a: 1 Time(s)
       /2012/10/22/resize-mp3-file-smaller-with-itunes/undefined: 1 Time(s)
       /2012/11/15/free-picasa-webalubum/http:/wi ... l?ver=20130620a: 1 Time(s)
       /2012/11/20/move-itunes-library-from-windo ... l?ver=20130620a: 1 Time(s)
       /2012/12/25/how-to-burn-on-mac-os-x-10-8-2 ... l?ver=20130620a: 1 Time(s)
       /2013/01/07/how-to-print-your-image-to-new ... l?ver=20130620a: 1 Time(s)
       /2013/02/13/set-php-error-log/http:/widget ... l?ver=20130620a: 1 Time(s)
       /2013/04/02/add-external-drive-for-time-ma ... l?ver=20130620a: 1 Time(s)
       /2013/04/06/why-freeze-13-macbook-pro-reti ... l?ver=20130620a: 1 Time(s)
       /2013/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
       /2013/06/27/do-install-ssl-server-certific ... profile_URL+%2B: 4 Time(s)
       /2013/06/page/4/: 1 Time(s)
       /2013/10/18/how-to-check-cookie-secure-wit ... profile_URL+%2B: 4 Time(s)
       /2013/10/19/delete-cookie-as-a-first-step/ ... profile_URL+%2B: 4 Time(s)
       /2013/10/page/2/+%E3%81%93%E3%81%AE%E6%96% ... l=zh-TW&ct=clnk: 6 Time(s)
       /2013/10/page/2/+%E9%8A%87%E6%92%B1%E4%BC% ... l=zh-TW&ct=clnk: 1 Time(s)
       /2013/11/08/zabbix-mysql/+%E9%96%B9%EE%88% ... l=zh-TW&ct=clnk: 2 Time(s)
       /?author=2: 1 Time(s)
       /?author=3: 1 Time(s)
       /?author=4: 1 Time(s)
       /?author=5: 1 Time(s)
       /MyAdmin/scripts/setup.php: 1 Time(s)
       /administrator/: 1 Time(s)
       /apple-touch-icon-114x114-precomposed.png: 1 Time(s)
       /apple-touch-icon-114x114.png: 1 Time(s)
       /apple-touch-icon-120x120-precomposed.png: 3 Time(s)
       /apple-touch-icon-120x120.png: 3 Time(s)
       /apple-touch-icon-precomposed.png: 9 Time(s)
       /apple-touch-icon.png: 17 Time(s)
       /author/adoki2a24min/page/3/+%E3%81%93%E3% ... l=zh-TW&ct=clnk: 2 Time(s)
       /browserconfig.xml: 1 Time(s)
       /favicon.gif: 1 Time(s)
       /fonts.googleapis.com/css?family=Source+Sa ... ter%3A400%2C700: 1 Time(s)
       /invoker/EJBInvokerServlet/: 1 Time(s)
       /mwg-internal/de5fs23hu73ds/files/javascript/sw.js: 2 Time(s)
       /myadmin/scripts/setup.php: 1 Time(s)
       /phpMyAdmin/scripts/setup.php: 1 Time(s)
       /phpmyadmin/scripts/setup.php: 1 Time(s)
       /pma/scripts/setup.php: 2 Time(s)
       /tag/%E3%EF%BF%BD%A2%E3%EF%BF%BD%AD%E3%EF% ... E3%EF%BF%BD%A2/: 1 Time(s)
       /tag/%E3%EF%BF%BD%B7%E3%EF%BF%BD%BC%E3%EF% ... E3%EF%BF%BD%BC/: 1 Time(s)
       /tag/%E3%EF%BF%BD%EF%BF%BD%E3%EF%BF%BD%A9% ... E3%EF%BF%BD%B3/: 1 Time(s)
       /tag/%E5%8D%EF%BF%BD%E5%EF%BF%BD%EF%BF%BD% ... E5%EF%BF%BD%A8/: 1 Time(s)
       /tag/ab/: 1 Time(s)
       /tag/e58d8ae9a18de5bc81e5bd93/: 1 Time(s)
       /w00tw00t.at.blackhats.romanian.anti-sec:): 2 Time(s)
       /wp-content/plugins/jetpack/_inc/target_url: 1 Time(s)
       /wp-content/plugins/jetpack/_inc/window.location.href: 1 Time(s)
       /wp-content/plugins/jetpack/modules/shared ... ROOT/sprite.png: 1 Time(s)
       /wp-content/plugins/wp-syntaxhighlighter/s ... ader.js?ver=3.0: 1 Time(s)

 A total of 21 ROBOTS were logged 
    Mozilla/5.0 (compatible; Linux x86_64; Mail.RU_Bot/2.0; +http://go.mail.ru/help/robots) 1 Time(s) 
    Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 1 Time(s) 
    Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (FlipboardProxy/1.1; +http://flipboard.com/browserproxy) 1 Time(s) 
    Twitterbot/1.0 4 Time(s) 
    Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07) 1 Time(s) 
    Mozilla/5.0 (compatible; proximic; +http://www.proximic.com/info/spider.php) 3 Time(s) 
    msnbot-media/1.1 (+http://search.msn.com/msnbot.htm) 1 Time(s) 
    Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MDDR; .NET4.0C; .NET4.0E; .NET CLR 1.1.4322; Tablet PC 2.0); 360Spider 1 Time(s) 
    msnbot/2.0b (+http://search.msn.com/msnbot.htm) 2 Time(s) 
    Yeti/1.0 (NHN Corp.; http://help.naver.com/robots/) 1 Time(s) 
    Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) 5 Time(s) 
    Mozilla/5.0 (compatible; Butterfly/1.0; +http://labs.topsy.com/butterfly/) Gecko/2009032608 Firefox/3.0.8 1 Time(s) 
    Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 9 Time(s) 
    Y!J-BRJ/YATS crawler (http://help.yahoo.co.jp/help/jp/search/indexing/indexing-15.html) 1 Time(s) 
    Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots) 2 Time(s) 
    Y!J-BRO/YFSJ crawler (compatible; Mozilla 4.0; MSIE 5.5; http://help.yahoo.co.jp/help/jp/search/indexing/indexing-15.html; YahooFeedSeekerJp/2.0) 1 Time(s) 
    Mozilla/5.0 (compatible; MJ12bot/v1.4.4; http://www.majestic12.co.uk/bot.php?+) 36 Time(s) 
    Mozilla/5.0 (compatible; Genieo/1.0 http://www.genieo.com/webfilter.html) 2 Time(s) 
    ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) 5 Time(s) 
    Mozilla/5.0 (compatible; Ezooms/1.0; ezooms.bot@gmail.com) 8 Time(s) 
    ShowyouBot (http://showyou.com/crawler) 1 Time(s) 

 ---------------------- httpd End ------------------------- 

 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Sessions Opened:
       user1: 2 Time(s)

 su-l:
    Sessions Opened:
       user1(uid=500) -> root: 2 Time(s)

 ---------------------- pam_unix End ------------------------- 

 --------------------- Connections (secure-log) Begin ------------------------ 

 New Users:
    zabbix (100)

 New Groups:
    zabbix (101)

 ---------------------- Connections (secure-log) End ------------------------- 

 --------------------- sendmail Begin ------------------------ 

 STATISTICS
 ----------

 Bytes Transferred:      62060
 Messages Processed:     7
 Addressed Recipients:   7

 Message recipients per delivery agent:
 Name          # Rcpts
 esmtp               2
 local               2
 ---------------------
 TOTAL:              4
 in addition to      3 relay
      submission(s) from MSP

 Message Size Distribution:
 Range          # Msgs       KBytes
 0 - 10k             5           29
 10k - 20k           2           31
 ----------------------------------
 TOTAL               7           60
 Avg. Size                        8

 Top 10 Email Recipients
 ----------------------------------
 oki2a24@gmail.com : 4 emails
 root@oki2a24.com : 1 emails

 STARTTLS used the following encryption mechanisms
    Cipher: RC4-SHA Bits: 128/128: 2 Time(s)

 ---------------------- sendmail End ------------------------- 

 --------------------- SSHD Begin ------------------------ 

 Users logging in through sshd:
    oki2a24:
       222.111.999.888 (888.999.111.222.dd.example.com): 2 times

 Received disconnect:
    11: disconnected by user
       222.111.999.888 : 1 Time(s)

 ---------------------- SSHD End ------------------------- 

 --------------------- yum Begin ------------------------ 

 Packages Installed:
    fping-3.6-1.el5.rf.i386
    unixODBC-libs-2.2.11-10.el5.i386
    iksemel-1.4-2.el5.i386
    ipa-pgothic-fonts-003.02-3.1.el5.noarch
    zabbix-server-mysql-2.0.9-1.el5.i386
    zabbix-web-2.0.9-1.el5.i386
    zabbix-web-mysql-2.0.9-1.el5.i386
    zabbix-2.0.9-1.el5.i386
    zabbix-web-japanese-2.0.9-1.el5.i386
    OpenIPMI-libs-2.0.16-16.el5.i386
    fontconfig-2.4.1-7.el5.i386
    php-bcmath-5.4.22-1.el5.remi.i386
    zabbix-server-2.0.9-1.el5.i386
    unixODBC-2.2.11-10.el5.i386

 ---------------------- yum End ------------------------- 

 --------------------- Disk Space Begin ------------------------ 

 Filesystem            Size  Used Avail Use% Mounted on
 /dev/simfs             50G  1.7G   49G   4% /

 ---------------------- Disk Space End ------------------------- 

 ###################### Logwatch End ######################### 

 [root@oki2a24 tmp]#
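The comparison above was done by reading the three reports side by side; the same check can be scripted. This is an added example, not part of the original post: it splits a Logwatch report on its `Begin`/`End` banners and lists what the higher Detail level adds per service. The function names are hypothetical, and `LOW` and `MED` are constructed samples shortened from the reports above.

```python
import re

# Logwatch wraps each service in "--- <name> Begin ---" / "--- <name> End ---" banners.
BEGIN = re.compile(r"^\s*-{3,}\s+(.+?)\s+Begin\s+-{3,}\s*$")
END = re.compile(r"^\s*-{3,}\s+.+?\s+End\s+-{3,}\s*$")

# Constructed samples: shortened excerpts of the Low and Med reports on this page.
LOW = """
 --------------------- pam_unix Begin ------------------------
 su-l:
    Sessions Opened:
       user1(uid=500) -> root: 2 Time(s)
 ---------------------- pam_unix End -------------------------
 --------------------- SSHD Begin ------------------------
 Received disconnect:
    11: disconnected by user : 1 Time(s)
 ---------------------- SSHD End -------------------------
 --------------------- Disk Space Begin ------------------------
 Filesystem            Size  Used Avail Use% Mounted on
 /dev/simfs             50G  1.7G   49G   4% /
 ---------------------- Disk Space End -------------------------
"""

MED = """
 --------------------- Cron Begin ------------------------
 Commands Run:
    User root:
       run-parts /etc/cron.daily: 1 Time(s)
 ---------------------- Cron End -------------------------
 --------------------- pam_unix Begin ------------------------
 sshd:
    Sessions Opened:
       user1: 2 Time(s)
 su-l:
    Sessions Opened:
       user1(uid=500) -> root: 2 Time(s)
 ---------------------- pam_unix End -------------------------
 --------------------- SSHD Begin ------------------------
 Received disconnect:
    11: disconnected by user
       222.111.999.888 : 1 Time(s)
 ---------------------- SSHD End -------------------------
 --------------------- Disk Space Begin ------------------------
 Filesystem            Size  Used Avail Use% Mounted on
 /dev/simfs             50G  1.7G   49G   4% /
 ---------------------- Disk Space End -------------------------
"""


def split_sections(report):
    """Map each service name to the non-blank lines between its banners."""
    sections, current = {}, None
    for line in report.splitlines():
        begin = BEGIN.match(line)
        if begin:
            current = begin.group(1)
            sections[current] = []
        elif END.match(line):
            current = None
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def added_by(lower, higher):
    """Per service, the lines that only the higher-detail report contains."""
    low, high = split_sections(lower), split_sections(higher)
    diff = {}
    for service, lines in high.items():
        extra = [line for line in lines if line not in low.get(service, [])]
        if extra:
            diff[service] = extra
    return diff


def unchanged(lower, higher):
    """Services whose section is identical at both levels (the "-" rows)."""
    low, high = split_sections(lower), split_sections(higher)
    return [service for service in high if low.get(service) == high[service]]


if __name__ == "__main__":
    for service, lines in added_by(LOW, MED).items():
        print(service)
        for line in lines:
            print("   +", line)
    print("no difference:", ", ".join(unchanged(LOW, MED)))
```

On a real host, save each run of `logwatch --print` to a file after changing Detail and pass the file contents to `added_by`. The SSHD result shows why Low is a poor fit for review: the source address of the disconnect only appears from Med upward.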

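Conclusion

I was looking into Logwatch for the first time in a while when I came across the following page and realized, for the first time, that the report's detail level can be configured!

I got curious about exactly how much the output differs ♪ This turned into a long post, but I am satisfied ♪

To build the summary table at the top, I referred to the following post that I wrote earlier. Taking notes is important ♪

That's all.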

