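Summary comparison of Logwatch report output

| No | Item | Low | Med | High |
|---|---|---|---|---|
| 1 | Cron | Absent | Present | Present |
| 2 | httpd | No transfer volume or attack data | Transfer volume and attack data | Transfer volume, attack data and attack details |
| 3 | httpd | No ROBOT access | ROBOT access count | ROBOT access count and details |
| 4 | pam_unix | No sshd session-open information | sshd session-open information | sshd session-open information |
| 5 | Connections (secure-log) | – | – | – |
| 6 | sendmail | Absent | Summary | Summary and details |
| 7 | SSHD | No IP address under Received disconnect | IP address under Received disconnect | IP address under Received disconnect |
| 8 | Disk Space | – | – | – |

Rows marked "–" showed no difference.

I set Detail, the setting that controls how detailed the Logwatch report is, to Low, Med and High, and compared the output of each.
Below are the example reports the comparison is based on ♪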
Detail = Low
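Compared with Med and High:
- Cron does not appear
- httpd shows no ROBOT access
- pam_unix shows no sshd session-open information
- sendmail does not appear
- The SSHD disconnect information shows no IP address
Those were the differences ♪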
[root@oki2a24 tmp]# logwatch --print
################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Thu Nov 21 22:10:12 2013
Date Range Processed: yesterday
( 2013-Nov-20 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: oki2a24.com
##################################################################
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
66.249.80.114
A total of 1 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/?option=com_userstatus&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200
Requests with error response codes
400 Bad Request
/wp-content/themes/kernel/style.css: 1 Time(s)
403 Forbidden
/wp-content/plugins/jetpack/_inc/: 1 Time(s)
404 Not Found
/++liker.profile_URL++: 4 Time(s)
/04/24/many-deep-fried-shrimps-don-263/%2B ... profile_URL+%2B: 4 Time(s)
/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
/06/27/do-install-ssl-server-certificate-w ... profile_URL+%2B: 4 Time(s)
/07/26/how-to-show-db-data-of-cakephp-with ... r.profile_URL++: 4 Time(s)
/08/10/sutdy-to-make-boards-app-with-cakep ... r.profile_URL++: 6 Time(s)
/08/24/how-to-set-php-ini-date-timezone/%2 ... profile_URL+%2B: 4 Time(s)
/08/31/memo-of-how-to-program-user-edit-pa ... r.profile_URL++: 4 Time(s)
/10/18/how-to-check-cookie-secure-with-chr ... profile_URL+%2B: 4 Time(s)
/10/19/delete-cookie-as-a-first-step/%2B+l ... profile_URL+%2B: 4 Time(s)
/2012/03/12/install-php-latest/http:/widge ... l?ver=20130620a: 1 Time(s)
/2012/04/09/register: 1 Time(s)
/2012/04/24/many-deep-fried-shrimps-don-26 ... profile_URL+%2B: 4 Time(s)
/2012/06/05/cannot-receive-points-from-mai ... ts/?share=email: 1 Time(s)
/2012/06/11/fix-garbled-characters-when-co ... nto-qr-c%20ode/: 1 Time(s)
/2012/07/26/how-to-show-db-data-of-cakephp ... r.profile_URL++: 4 Time(s)
/2012/08/07/study-validation-of-cakephp/ht ... l?ver=20130620a: 1 Time(s)
/2012/08/10/sutdy-to-make-boards-app-with- ... r.profile_URL++: 6 Time(s)
/2012/08/13/how-to-set-eclipse-4-juno-for- ... l?ver=20130620a: 1 Time(s)
/2012/08/14/how-to-setup-cakephp2-easily-i ... l?ver=20130620a: 1 Time(s)
/2012/08/24/how-to-set-php-ini-date-timezo ... profile_URL+%2B: 4 Time(s)
/2012/08/31/memo-of-how-to-program-user-ed ... r.profile_URL++: 4 Time(s)
/2012/09/05/how-to-use-mailto-link/http:/w ... l?ver=20130620a: 1 Time(s)
/2012/09/14/how-to-make-excel-csv-from-mys ... l?ver=20130620a: 1 Time(s)
/2012/10/22/resize-mp3-file-smaller-with-itunes/undefined: 1 Time(s)
/2012/11/15/free-picasa-webalubum/http:/wi ... l?ver=20130620a: 1 Time(s)
/2012/11/20/move-itunes-library-from-windo ... l?ver=20130620a: 1 Time(s)
/2012/12/25/how-to-burn-on-mac-os-x-10-8-2 ... l?ver=20130620a: 1 Time(s)
/2013/01/07/how-to-print-your-image-to-new ... l?ver=20130620a: 1 Time(s)
/2013/02/13/set-php-error-log/http:/widget ... l?ver=20130620a: 1 Time(s)
/2013/04/02/add-external-drive-for-time-ma ... l?ver=20130620a: 1 Time(s)
/2013/04/06/why-freeze-13-macbook-pro-reti ... l?ver=20130620a: 1 Time(s)
/2013/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
/2013/06/27/do-install-ssl-server-certific ... profile_URL+%2B: 4 Time(s)
/2013/06/page/4/: 1 Time(s)
/2013/10/18/how-to-check-cookie-secure-wit ... profile_URL+%2B: 4 Time(s)
/2013/10/19/delete-cookie-as-a-first-step/ ... profile_URL+%2B: 4 Time(s)
/2013/10/page/2/+%E3%81%93%E3%81%AE%E6%96% ... l=zh-TW&ct=clnk: 6 Time(s)
/2013/10/page/2/+%E9%8A%87%E6%92%B1%E4%BC% ... l=zh-TW&ct=clnk: 1 Time(s)
/2013/11/08/zabbix-mysql/+%E9%96%B9%EE%88% ... l=zh-TW&ct=clnk: 2 Time(s)
/?author=2: 1 Time(s)
/?author=3: 1 Time(s)
/?author=4: 1 Time(s)
/?author=5: 1 Time(s)
/MyAdmin/scripts/setup.php: 1 Time(s)
/administrator/: 1 Time(s)
/apple-touch-icon-114x114-precomposed.png: 1 Time(s)
/apple-touch-icon-114x114.png: 1 Time(s)
/apple-touch-icon-120x120-precomposed.png: 3 Time(s)
/apple-touch-icon-120x120.png: 3 Time(s)
/apple-touch-icon-precomposed.png: 9 Time(s)
/apple-touch-icon.png: 17 Time(s)
/author/adoki2a24min/page/3/+%E3%81%93%E3% ... l=zh-TW&ct=clnk: 2 Time(s)
/browserconfig.xml: 1 Time(s)
/favicon.gif: 1 Time(s)
/fonts.googleapis.com/css?family=Source+Sa ... ter%3A400%2C700: 1 Time(s)
/invoker/EJBInvokerServlet/: 1 Time(s)
/mwg-internal/de5fs23hu73ds/files/javascript/sw.js: 2 Time(s)
/myadmin/scripts/setup.php: 1 Time(s)
/phpMyAdmin/scripts/setup.php: 1 Time(s)
/phpmyadmin/scripts/setup.php: 1 Time(s)
/pma/scripts/setup.php: 2 Time(s)
/tag/%E3%EF%BF%BD%A2%E3%EF%BF%BD%AD%E3%EF% ... E3%EF%BF%BD%A2/: 1 Time(s)
/tag/%E3%EF%BF%BD%B7%E3%EF%BF%BD%BC%E3%EF% ... E3%EF%BF%BD%BC/: 1 Time(s)
/tag/%E3%EF%BF%BD%EF%BF%BD%E3%EF%BF%BD%A9% ... E3%EF%BF%BD%B3/: 1 Time(s)
/tag/%E5%8D%EF%BF%BD%E5%EF%BF%BD%EF%BF%BD% ... E5%EF%BF%BD%A8/: 1 Time(s)
/tag/ab/: 1 Time(s)
/tag/e58d8ae9a18de5bc81e5bd93/: 1 Time(s)
/w00tw00t.at.blackhats.romanian.anti-sec:): 2 Time(s)
/wp-content/plugins/jetpack/_inc/target_url: 1 Time(s)
/wp-content/plugins/jetpack/_inc/window.location.href: 1 Time(s)
/wp-content/plugins/jetpack/modules/shared ... ROOT/sprite.png: 1 Time(s)
/wp-content/plugins/wp-syntaxhighlighter/s ... ader.js?ver=3.0: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
su-l:
Sessions Opened:
user1(uid=500) -> root: 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
New Users:
zabbix (100)
New Groups:
zabbix (101)
---------------------- Connections (secure-log) End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
user1:
222.111.999.888 (888.999.111.222.dd.example.com): 2 times
Received disconnect:
11: disconnected by user : 1 Time(s)
---------------------- SSHD End -------------------------
--------------------- yum Begin ------------------------
Packages Installed:
fping-3.6-1.el5.rf.i386
unixODBC-libs-2.2.11-10.el5.i386
iksemel-1.4-2.el5.i386
ipa-pgothic-fonts-003.02-3.1.el5.noarch
zabbix-server-mysql-2.0.9-1.el5.i386
zabbix-web-2.0.9-1.el5.i386
zabbix-web-mysql-2.0.9-1.el5.i386
zabbix-2.0.9-1.el5.i386
zabbix-web-japanese-2.0.9-1.el5.i386
OpenIPMI-libs-2.0.16-16.el5.i386
fontconfig-2.4.1-7.el5.i386
php-bcmath-5.4.22-1.el5.remi.i386
zabbix-server-2.0.9-1.el5.i386
unixODBC-2.2.11-10.el5.i386
---------------------- yum End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/simfs 50G 1.7G 49G 4% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
[root@oki2a24 tmp]#
Detail = Med
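- Cron appears
- httpd shows transfer volume and attack information, but no attack details
- httpd shows ROBOT access information, but no details
- sshd session-open information appears
- The sendmail summary appears, but no details
- SSHD shows the IP address under Received disconnect
As listed above, the content sat midway between Low and High ♪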
[root@oki2a24 tmp]# logwatch --print
################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Thu Nov 21 22:06:54 2013
Date Range Processed: yesterday
( 2013-Nov-20 )
Period is day.
Detail Level of Output: 5
Type of Output: unformatted
Logfiles for Host: oki2a24.com
##################################################################
--------------------- Cron Begin ------------------------
Commands Run:
User root:
/usr/lib/sa/sa1 1 1: 144 Time(s)
/usr/lib/sa/sa2 -A: 1 Time(s)
run-parts /etc/cron.daily: 1 Time(s)
run-parts /etc/cron.hourly: 24 Time(s)
---------------------- Cron End -------------------------
--------------------- httpd Begin ------------------------
252.01 MB transferred in 53826 responses (1xx 0, 2xx 48891, 3xx 4761, 4xx 174, 5xx 0)
16997 Images (41.55 MB),
1 Documents (0.01 MB),
1 Archives (0.02 MB),
35954 Content pages (204.68 MB),
348 Redirects (0.00 MB),
56 Fonts (0.47 MB),
469 Other (5.29 MB)
Attempts to use known hacks by 1 hosts were logged 1 time(s) from:
66.249.80.114: 1 Time(s)
A total of 1 sites probed the server
66.249.80.114
A total of 1 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/?option=com_userstatus&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200
Requests with error response codes
400 Bad Request
/wp-content/themes/kernel/style.css: 1 Time(s)
403 Forbidden
/wp-content/plugins/jetpack/_inc/: 1 Time(s)
404 Not Found
/++liker.profile_URL++: 4 Time(s)
/04/24/many-deep-fried-shrimps-don-263/%2B ... profile_URL+%2B: 4 Time(s)
/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
/06/27/do-install-ssl-server-certificate-w ... profile_URL+%2B: 4 Time(s)
/07/26/how-to-show-db-data-of-cakephp-with ... r.profile_URL++: 4 Time(s)
/08/10/sutdy-to-make-boards-app-with-cakep ... r.profile_URL++: 6 Time(s)
/08/24/how-to-set-php-ini-date-timezone/%2 ... profile_URL+%2B: 4 Time(s)
/08/31/memo-of-how-to-program-user-edit-pa ... r.profile_URL++: 4 Time(s)
/10/18/how-to-check-cookie-secure-with-chr ... profile_URL+%2B: 4 Time(s)
/10/19/delete-cookie-as-a-first-step/%2B+l ... profile_URL+%2B: 4 Time(s)
/2012/03/12/install-php-latest/http:/widge ... l?ver=20130620a: 1 Time(s)
/2012/04/09/register: 1 Time(s)
/2012/04/24/many-deep-fried-shrimps-don-26 ... profile_URL+%2B: 4 Time(s)
/2012/06/05/cannot-receive-points-from-mai ... ts/?share=email: 1 Time(s)
/2012/06/11/fix-garbled-characters-when-co ... nto-qr-c%20ode/: 1 Time(s)
/2012/07/26/how-to-show-db-data-of-cakephp ... r.profile_URL++: 4 Time(s)
/2012/08/07/study-validation-of-cakephp/ht ... l?ver=20130620a: 1 Time(s)
/2012/08/10/sutdy-to-make-boards-app-with- ... r.profile_URL++: 6 Time(s)
/2012/08/13/how-to-set-eclipse-4-juno-for- ... l?ver=20130620a: 1 Time(s)
/2012/08/14/how-to-setup-cakephp2-easily-i ... l?ver=20130620a: 1 Time(s)
/2012/08/24/how-to-set-php-ini-date-timezo ... profile_URL+%2B: 4 Time(s)
/2012/08/31/memo-of-how-to-program-user-ed ... r.profile_URL++: 4 Time(s)
/2012/09/05/how-to-use-mailto-link/http:/w ... l?ver=20130620a: 1 Time(s)
/2012/09/14/how-to-make-excel-csv-from-mys ... l?ver=20130620a: 1 Time(s)
/2012/10/22/resize-mp3-file-smaller-with-itunes/undefined: 1 Time(s)
/2012/11/15/free-picasa-webalubum/http:/wi ... l?ver=20130620a: 1 Time(s)
/2012/11/20/move-itunes-library-from-windo ... l?ver=20130620a: 1 Time(s)
/2012/12/25/how-to-burn-on-mac-os-x-10-8-2 ... l?ver=20130620a: 1 Time(s)
/2013/01/07/how-to-print-your-image-to-new ... l?ver=20130620a: 1 Time(s)
/2013/02/13/set-php-error-log/http:/widget ... l?ver=20130620a: 1 Time(s)
/2013/04/02/add-external-drive-for-time-ma ... l?ver=20130620a: 1 Time(s)
/2013/04/06/why-freeze-13-macbook-pro-reti ... l?ver=20130620a: 1 Time(s)
/2013/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
/2013/06/27/do-install-ssl-server-certific ... profile_URL+%2B: 4 Time(s)
/2013/06/page/4/: 1 Time(s)
/2013/10/18/how-to-check-cookie-secure-wit ... profile_URL+%2B: 4 Time(s)
/2013/10/19/delete-cookie-as-a-first-step/ ... profile_URL+%2B: 4 Time(s)
/2013/10/page/2/+%E3%81%93%E3%81%AE%E6%96% ... l=zh-TW&ct=clnk: 6 Time(s)
/2013/10/page/2/+%E9%8A%87%E6%92%B1%E4%BC% ... l=zh-TW&ct=clnk: 1 Time(s)
/2013/11/08/zabbix-mysql/+%E9%96%B9%EE%88% ... l=zh-TW&ct=clnk: 2 Time(s)
/?author=2: 1 Time(s)
/?author=3: 1 Time(s)
/?author=4: 1 Time(s)
/?author=5: 1 Time(s)
/MyAdmin/scripts/setup.php: 1 Time(s)
/administrator/: 1 Time(s)
/apple-touch-icon-114x114-precomposed.png: 1 Time(s)
/apple-touch-icon-114x114.png: 1 Time(s)
/apple-touch-icon-120x120-precomposed.png: 3 Time(s)
/apple-touch-icon-120x120.png: 3 Time(s)
/apple-touch-icon-precomposed.png: 9 Time(s)
/apple-touch-icon.png: 17 Time(s)
/author/adoki2a24min/page/3/+%E3%81%93%E3% ... l=zh-TW&ct=clnk: 2 Time(s)
/browserconfig.xml: 1 Time(s)
/favicon.gif: 1 Time(s)
/fonts.googleapis.com/css?family=Source+Sa ... ter%3A400%2C700: 1 Time(s)
/invoker/EJBInvokerServlet/: 1 Time(s)
/mwg-internal/de5fs23hu73ds/files/javascript/sw.js: 2 Time(s)
/myadmin/scripts/setup.php: 1 Time(s)
/phpMyAdmin/scripts/setup.php: 1 Time(s)
/phpmyadmin/scripts/setup.php: 1 Time(s)
/pma/scripts/setup.php: 2 Time(s)
/tag/%E3%EF%BF%BD%A2%E3%EF%BF%BD%AD%E3%EF% ... E3%EF%BF%BD%A2/: 1 Time(s)
/tag/%E3%EF%BF%BD%B7%E3%EF%BF%BD%BC%E3%EF% ... E3%EF%BF%BD%BC/: 1 Time(s)
/tag/%E3%EF%BF%BD%EF%BF%BD%E3%EF%BF%BD%A9% ... E3%EF%BF%BD%B3/: 1 Time(s)
/tag/%E5%8D%EF%BF%BD%E5%EF%BF%BD%EF%BF%BD% ... E5%EF%BF%BD%A8/: 1 Time(s)
/tag/ab/: 1 Time(s)
/tag/e58d8ae9a18de5bc81e5bd93/: 1 Time(s)
/w00tw00t.at.blackhats.romanian.anti-sec:): 2 Time(s)
/wp-content/plugins/jetpack/_inc/target_url: 1 Time(s)
/wp-content/plugins/jetpack/_inc/window.location.href: 1 Time(s)
/wp-content/plugins/jetpack/modules/shared ... ROOT/sprite.png: 1 Time(s)
/wp-content/plugins/wp-syntaxhighlighter/s ... ader.js?ver=3.0: 1 Time(s)
A total of 21 ROBOTS were logged
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Sessions Opened:
user1: 2 Time(s)
su-l:
Sessions Opened:
user1(uid=500) -> root: 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
New Users:
zabbix (100)
New Groups:
zabbix (101)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail Begin ------------------------
STATISTICS
----------
Bytes Transferred: 62060
Messages Processed: 7
Addressed Recipients: 7
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
user1:
222.111.999.888 (888.999.111.222.dd.example.com): 2 times
Received disconnect:
11: disconnected by user
222.111.999.888 : 1 Time(s)
---------------------- SSHD End -------------------------
--------------------- yum Begin ------------------------
Packages Installed:
fping-3.6-1.el5.rf.i386
unixODBC-libs-2.2.11-10.el5.i386
iksemel-1.4-2.el5.i386
ipa-pgothic-fonts-003.02-3.1.el5.noarch
zabbix-server-mysql-2.0.9-1.el5.i386
zabbix-web-2.0.9-1.el5.i386
zabbix-web-mysql-2.0.9-1.el5.i386
zabbix-2.0.9-1.el5.i386
zabbix-web-japanese-2.0.9-1.el5.i386
OpenIPMI-libs-2.0.16-16.el5.i386
fontconfig-2.4.1-7.el5.i386
php-bcmath-5.4.22-1.el5.remi.i386
zabbix-server-2.0.9-1.el5.i386
unixODBC-2.2.11-10.el5.i386
---------------------- yum End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/simfs 50G 1.7G 49G 4% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
[root@oki2a24 tmp]#
Detail = High
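- Cron appears
- httpd shows transfer volume, attack information and attack details
- httpd shows ROBOT access information and details
- sshd session-open information appears
- The sendmail summary and details appear
- SSHD shows the IP address under Received disconnect
As this is the most detailed setting, all the information that was not output at Low and Med was displayed ♪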
[root@oki2a24 tmp]# logwatch --print
################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Thu Nov 21 22:01:54 2013
Date Range Processed: yesterday
( 2013-Nov-20 )
Period is day.
Detail Level of Output: 10
Type of Output: unformatted
Logfiles for Host: oki2a24.com
##################################################################
--------------------- Cron Begin ------------------------
Commands Run:
User root:
/usr/lib/sa/sa1 1 1: 144 Time(s)
/usr/lib/sa/sa2 -A: 1 Time(s)
run-parts /etc/cron.daily: 1 Time(s)
run-parts /etc/cron.hourly: 24 Time(s)
---------------------- Cron End -------------------------
--------------------- httpd Begin ------------------------
252.01 MB transferred in 53826 responses (1xx 0, 2xx 48891, 3xx 4761, 4xx 174, 5xx 0)
16997 Images (41.55 MB),
1 Documents (0.01 MB),
1 Archives (0.02 MB),
35954 Content pages (204.68 MB),
348 Redirects (0.00 MB),
56 Fonts (0.47 MB),
469 Other (5.29 MB)
Attempts to use known hacks by 1 hosts were logged 1 time(s) from:
66.249.80.114: 1 Time(s)
/\.\./\.\./\.\./ 1 Time(s)
A total of 1 sites probed the server
66.249.80.114
A total of 1 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/?option=com_userstatus&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200
Requests with error response codes
400 Bad Request
/wp-content/themes/kernel/style.css: 1 Time(s)
403 Forbidden
/wp-content/plugins/jetpack/_inc/: 1 Time(s)
404 Not Found
/++liker.profile_URL++: 4 Time(s)
/04/24/many-deep-fried-shrimps-don-263/%2B ... profile_URL+%2B: 4 Time(s)
/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
/06/27/do-install-ssl-server-certificate-w ... profile_URL+%2B: 4 Time(s)
/07/26/how-to-show-db-data-of-cakephp-with ... r.profile_URL++: 4 Time(s)
/08/10/sutdy-to-make-boards-app-with-cakep ... r.profile_URL++: 6 Time(s)
/08/24/how-to-set-php-ini-date-timezone/%2 ... profile_URL+%2B: 4 Time(s)
/08/31/memo-of-how-to-program-user-edit-pa ... r.profile_URL++: 4 Time(s)
/10/18/how-to-check-cookie-secure-with-chr ... profile_URL+%2B: 4 Time(s)
/10/19/delete-cookie-as-a-first-step/%2B+l ... profile_URL+%2B: 4 Time(s)
/2012/03/12/install-php-latest/http:/widge ... l?ver=20130620a: 1 Time(s)
/2012/04/09/register: 1 Time(s)
/2012/04/24/many-deep-fried-shrimps-don-26 ... profile_URL+%2B: 4 Time(s)
/2012/06/05/cannot-receive-points-from-mai ... ts/?share=email: 1 Time(s)
/2012/06/11/fix-garbled-characters-when-co ... nto-qr-c%20ode/: 1 Time(s)
/2012/07/26/how-to-show-db-data-of-cakephp ... r.profile_URL++: 4 Time(s)
/2012/08/07/study-validation-of-cakephp/ht ... l?ver=20130620a: 1 Time(s)
/2012/08/10/sutdy-to-make-boards-app-with- ... r.profile_URL++: 6 Time(s)
/2012/08/13/how-to-set-eclipse-4-juno-for- ... l?ver=20130620a: 1 Time(s)
/2012/08/14/how-to-setup-cakephp2-easily-i ... l?ver=20130620a: 1 Time(s)
/2012/08/24/how-to-set-php-ini-date-timezo ... profile_URL+%2B: 4 Time(s)
/2012/08/31/memo-of-how-to-program-user-ed ... r.profile_URL++: 4 Time(s)
/2012/09/05/how-to-use-mailto-link/http:/w ... l?ver=20130620a: 1 Time(s)
/2012/09/14/how-to-make-excel-csv-from-mys ... l?ver=20130620a: 1 Time(s)
/2012/10/22/resize-mp3-file-smaller-with-itunes/undefined: 1 Time(s)
/2012/11/15/free-picasa-webalubum/http:/wi ... l?ver=20130620a: 1 Time(s)
/2012/11/20/move-itunes-library-from-windo ... l?ver=20130620a: 1 Time(s)
/2012/12/25/how-to-burn-on-mac-os-x-10-8-2 ... l?ver=20130620a: 1 Time(s)
/2013/01/07/how-to-print-your-image-to-new ... l?ver=20130620a: 1 Time(s)
/2013/02/13/set-php-error-log/http:/widget ... l?ver=20130620a: 1 Time(s)
/2013/04/02/add-external-drive-for-time-ma ... l?ver=20130620a: 1 Time(s)
/2013/04/06/why-freeze-13-macbook-pro-reti ... l?ver=20130620a: 1 Time(s)
/2013/05/21/what-is-router/++liker.profile_URL++: 4 Time(s)
/2013/06/27/do-install-ssl-server-certific ... profile_URL+%2B: 4 Time(s)
/2013/06/page/4/: 1 Time(s)
/2013/10/18/how-to-check-cookie-secure-wit ... profile_URL+%2B: 4 Time(s)
/2013/10/19/delete-cookie-as-a-first-step/ ... profile_URL+%2B: 4 Time(s)
/2013/10/page/2/+%E3%81%93%E3%81%AE%E6%96% ... l=zh-TW&ct=clnk: 6 Time(s)
/2013/10/page/2/+%E9%8A%87%E6%92%B1%E4%BC% ... l=zh-TW&ct=clnk: 1 Time(s)
/2013/11/08/zabbix-mysql/+%E9%96%B9%EE%88% ... l=zh-TW&ct=clnk: 2 Time(s)
/?author=2: 1 Time(s)
/?author=3: 1 Time(s)
/?author=4: 1 Time(s)
/?author=5: 1 Time(s)
/MyAdmin/scripts/setup.php: 1 Time(s)
/administrator/: 1 Time(s)
/apple-touch-icon-114x114-precomposed.png: 1 Time(s)
/apple-touch-icon-114x114.png: 1 Time(s)
/apple-touch-icon-120x120-precomposed.png: 3 Time(s)
/apple-touch-icon-120x120.png: 3 Time(s)
/apple-touch-icon-precomposed.png: 9 Time(s)
/apple-touch-icon.png: 17 Time(s)
/author/adoki2a24min/page/3/+%E3%81%93%E3% ... l=zh-TW&ct=clnk: 2 Time(s)
/browserconfig.xml: 1 Time(s)
/favicon.gif: 1 Time(s)
/fonts.googleapis.com/css?family=Source+Sa ... ter%3A400%2C700: 1 Time(s)
/invoker/EJBInvokerServlet/: 1 Time(s)
/mwg-internal/de5fs23hu73ds/files/javascript/sw.js: 2 Time(s)
/myadmin/scripts/setup.php: 1 Time(s)
/phpMyAdmin/scripts/setup.php: 1 Time(s)
/phpmyadmin/scripts/setup.php: 1 Time(s)
/pma/scripts/setup.php: 2 Time(s)
/tag/%E3%EF%BF%BD%A2%E3%EF%BF%BD%AD%E3%EF% ... E3%EF%BF%BD%A2/: 1 Time(s)
/tag/%E3%EF%BF%BD%B7%E3%EF%BF%BD%BC%E3%EF% ... E3%EF%BF%BD%BC/: 1 Time(s)
/tag/%E3%EF%BF%BD%EF%BF%BD%E3%EF%BF%BD%A9% ... E3%EF%BF%BD%B3/: 1 Time(s)
/tag/%E5%8D%EF%BF%BD%E5%EF%BF%BD%EF%BF%BD% ... E5%EF%BF%BD%A8/: 1 Time(s)
/tag/ab/: 1 Time(s)
/tag/e58d8ae9a18de5bc81e5bd93/: 1 Time(s)
/w00tw00t.at.blackhats.romanian.anti-sec:): 2 Time(s)
/wp-content/plugins/jetpack/_inc/target_url: 1 Time(s)
/wp-content/plugins/jetpack/_inc/window.location.href: 1 Time(s)
/wp-content/plugins/jetpack/modules/shared ... ROOT/sprite.png: 1 Time(s)
/wp-content/plugins/wp-syntaxhighlighter/s ... ader.js?ver=3.0: 1 Time(s)
A total of 21 ROBOTS were logged
Mozilla/5.0 (compatible; Linux x86_64; Mail.RU_Bot/2.0; +http://go.mail.ru/help/robots) 1 Time(s)
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 1 Time(s)
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (FlipboardProxy/1.1; +http://flipboard.com/browserproxy) 1 Time(s)
Twitterbot/1.0 4 Time(s)
Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07) 1 Time(s)
Mozilla/5.0 (compatible; proximic; +http://www.proximic.com/info/spider.php) 3 Time(s)
msnbot-media/1.1 (+http://search.msn.com/msnbot.htm) 1 Time(s)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MDDR; .NET4.0C; .NET4.0E; .NET CLR 1.1.4322; Tablet PC 2.0); 360Spider 1 Time(s)
msnbot/2.0b (+http://search.msn.com/msnbot.htm) 2 Time(s)
Yeti/1.0 (NHN Corp.; http://help.naver.com/robots/) 1 Time(s)
Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) 5 Time(s)
Mozilla/5.0 (compatible; Butterfly/1.0; +http://labs.topsy.com/butterfly/) Gecko/2009032608 Firefox/3.0.8 1 Time(s)
Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 9 Time(s)
Y!J-BRJ/YATS crawler (http://help.yahoo.co.jp/help/jp/search/indexing/indexing-15.html) 1 Time(s)
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots) 2 Time(s)
Y!J-BRO/YFSJ crawler (compatible; Mozilla 4.0; MSIE 5.5; http://help.yahoo.co.jp/help/jp/search/indexing/indexing-15.html; YahooFeedSeekerJp/2.0) 1 Time(s)
Mozilla/5.0 (compatible; MJ12bot/v1.4.4; http://www.majestic12.co.uk/bot.php?+) 36 Time(s)
Mozilla/5.0 (compatible; Genieo/1.0 http://www.genieo.com/webfilter.html) 2 Time(s)
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) 5 Time(s)
Mozilla/5.0 (compatible; Ezooms/1.0; ezooms.bot@gmail.com) 8 Time(s)
ShowyouBot (http://showyou.com/crawler) 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Sessions Opened:
user1: 2 Time(s)
su-l:
Sessions Opened:
user1(uid=500) -> root: 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
New Users:
zabbix (100)
New Groups:
zabbix (101)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail Begin ------------------------
STATISTICS
----------
Bytes Transferred: 62060
Messages Processed: 7
Addressed Recipients: 7
Message recipients per delivery agent:
Name # Rcpts
esmtp 2
local 2
---------------------
TOTAL: 4
in addition to 3 relay
submission(s) from MSP
Message Size Distribution:
Range # Msgs KBytes
0 - 10k 5 29
10k - 20k 2 31
----------------------------------
TOTAL 7 60
Avg. Size 8
Top 10 Email Recipients
----------------------------------
oki2a24@gmail.com : 4 emails
root@oki2a24.com : 1 emails
STARTTLS used the following encryption mechanisms
Cipher: RC4-SHA Bits: 128/128: 2 Time(s)
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
oki2a24:
222.111.999.888 (888.999.111.222.dd.example.com): 2 times
Received disconnect:
11: disconnected by user
222.111.999.888 : 1 Time(s)
---------------------- SSHD End -------------------------
--------------------- yum Begin ------------------------
Packages Installed:
fping-3.6-1.el5.rf.i386
unixODBC-libs-2.2.11-10.el5.i386
iksemel-1.4-2.el5.i386
ipa-pgothic-fonts-003.02-3.1.el5.noarch
zabbix-server-mysql-2.0.9-1.el5.i386
zabbix-web-2.0.9-1.el5.i386
zabbix-web-mysql-2.0.9-1.el5.i386
zabbix-2.0.9-1.el5.i386
zabbix-web-japanese-2.0.9-1.el5.i386
OpenIPMI-libs-2.0.16-16.el5.i386
fontconfig-2.4.1-7.el5.i386
php-bcmath-5.4.22-1.el5.remi.i386
zabbix-server-2.0.9-1.el5.i386
unixODBC-2.2.11-10.el5.i386
---------------------- yum End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/simfs 50G 1.7G 49G 4% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
[root@oki2a24 tmp]#
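The section-by-section comparison in the summary table can also be produced mechanically by splitting each report on its `Begin`/`End` markers. The following is an added example, not part of the original post: `parse_report` and `compare` are hypothetical helper names, and the two samples are constructed, abbreviated excerpts of the Low and Med reports shown above.

```python
import re

# Logwatch frames each service as "---- <name> Begin ----" ... "---- <name> End ----".
BEGIN = re.compile(r"^-+ (.+?) Begin -+$")
END = re.compile(r"^-+ (.+?) End -+$")
LEVEL = re.compile(r"^Detail Level of Output:\s*(\d+)")

# Constructed samples: abbreviated excerpts of the Low (0) and Med (5) reports above.
LOW_SAMPLE = """\
Detail Level of Output: 0
--------------------- pam_unix Begin ------------------------
su-l:
Sessions Opened:
user1(uid=500) -> root: 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- SSHD Begin ------------------------
Received disconnect:
11: disconnected by user : 1 Time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
/dev/simfs 50G 1.7G 49G 4% /
---------------------- Disk Space End -------------------------
"""

MED_SAMPLE = """\
Detail Level of Output: 5
--------------------- Cron Begin ------------------------
run-parts /etc/cron.daily: 1 Time(s)
---------------------- Cron End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Sessions Opened:
user1: 2 Time(s)
su-l:
Sessions Opened:
user1(uid=500) -> root: 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- SSHD Begin ------------------------
Received disconnect:
11: disconnected by user
222.111.999.888 : 1 Time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
/dev/simfs 50G 1.7G 49G 4% /
---------------------- Disk Space End -------------------------
"""


def parse_report(text):
    """Return (detail_level, {service: [non-empty lines]}) for one text report."""
    level, sections, current = None, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := LEVEL.match(line)):
            level = int(m.group(1))
        elif (m := BEGIN.match(line)):
            current = m.group(1)
            sections[current] = []
        elif END.match(line):
            current = None
        elif current is not None and line:
            sections[current].append(line)
    return level, sections


def compare(lower_text, higher_text):
    """Per service: what the higher-detail report shows that the lower one does not."""
    lo_level, lo = parse_report(lower_text)
    hi_level, hi = parse_report(higher_text)
    diff = {}
    for name in sorted(set(lo) | set(hi)):
        if name not in lo:
            diff[name] = ("section added", hi[name])
        elif name not in hi:
            diff[name] = ("section dropped", lo[name])
        else:
            extra = [l for l in hi[name] if l not in lo[name]]
            diff[name] = ("more detail", extra) if extra else ("same", [])
    return lo_level, hi_level, diff


if __name__ == "__main__":
    lo, hi, diff = compare(LOW_SAMPLE, MED_SAMPLE)
    print(f"Detail {lo} -> {hi}")
    for name, (status, lines) in diff.items():
        print(f"{name}: {status}")
        for l in lines:
            print(f"    + {l}")
```

Saving each `logwatch --print` run to a file and passing the file contents to `compare` gives the same per-service view for full reports.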
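Closing
While looking into Logwatch for the first time in a while, I came across the following page and realised for the first time that the report's detail level can be configured!
I became curious about how much the levels actually differ ♪ This turned into a long post, but I am satisfied ♪
To build the summary table at the top, I referred to the following earlier post of mine. Taking notes matters ♪
That's all.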
