Logwatchfreshclam log error
in [Debian]
|
Prev: Linux filesystems was [Re: Debian cd supporting ext4.]
Next: Monitoring tools to use on an account
From: Aniruddha on 27 Jul 2010 10:40 I get the following error message with logwatch: -------------------------------------------------------------- No updates detected in the log for the freshclam daemon (the ClamAV update process). -------------------------------------------------------------- I already filed a bug because imo the default settings aren't working. Now I try to solve this but I can't pinpoint the exact root cause. Freshclam is working and running. I tried creating a 'clam-update.conf' with the correct path, this didn't work. Anyone else who has an idea what might be the problem? Thanks in advance! Some relevant information: --------------------------------------------------------------- # cat /usr/share/logwatch/dist.conf/logfiles/clam-update.conf LogFile = /var/log/clamav/freshclam.log # /etc/init.d/clamav-freshclam status freshclam is running. # grep log /usr/share/logwatch/default.conf/logfiles/clam-update.conf# Analyzes the Clam Anti-Virus update log # /usr/share/logwatch/default.conf/logfiles/clam-update.conf (this file) # /usr/share/logwatch/default.conf/services/clam-update.conf # /usr/share/logwatch/scripts/services/clam-update # /var/log/clam-update # alert, you should delete the logfile. If there's no logfile, no alerts # will be output - but if Logwatch finds a logfile and no update attempts LogFile = freshclam.log LogFile = clamav/freshclam.log Archive = freshclam.log.* Archive = clamav/freshclam.log.* Archive = archiv/freshclam.log.* # tail /var/log/clamav/freshclam.log Tue Jul 27 15:39:24 2010 -> ClamAV update process started at Tue Jul 27 15:39:24 2010 Tue Jul 27 15:39:24 2010 -> main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, builder: sven) Tue Jul 27 15:39:54 2010 -> nonblock_connect: connect timing out (30 secs) Tue Jul 27 15:39:54 2010 -> Can't connect to port 80 of host db.local.clamav.net (IP: 192.121.13.5) Tue Jul 27 15:39:54 2010 -> Trying host db.local.clamav.net (193.1.193.64)... Tue Jul 27 15:39:54 2010 -> Downloading daily-11440.cdiff [100%] Tue Jul 27 15:39:54 2010 -> daily.cld updated (version: 11440, sigs: 107962, f-level: 53, builder: arnaud) Tue Jul 27 15:39:54 2010 -> bytecode.cld is up to date (version: 32, sigs: 8, f-level: 53, builder: edwin) Tue Jul 27 15:39:54 2010 -> Database updated (812697 signatures) from db.local.clamav.net (IP: 193.1.193.64) Tue Jul 27 15:39:54 2010 -> -------------------------------------- Logwatch error message: --------------------- clam-update Begin ------------------------ No updates detected in the log for the freshclam daemon (the ClamAV update process). If the freshclam daemon is not running, you may need to restart it. Other options: A. If you no longer wish to run freshclam, deleting the log file (default is freshclam.log) will suppress this error message. B. If you use a different log file, update the appropriate configuration file. For example: echo "LogFile = log_file" >> /etc/logwatch/conf/logfiles/clam-update.conf where log_file is the filename of the freshclam log file. C. If you are logging using syslog, you need to indicate that your log file uses the syslog format. For example: echo "*OnlyService = freshclam" >> /etc/logwatch/conf/logfiles/clam-update.conf echo "*RemoveHeaders" >> /etc/logwatch/conf/logfiles/clam-update.conf ---------------------- clam-update End ------------------------- -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4C4EEF3F.90402(a)gmail.com
From: Camaleón on 27 Jul 2010 14:40 On Tue, 27 Jul 2010 16:37:51 +0200, Aniruddha wrote: > I get the following error message with logwatch: (...) > # grep log /usr/share/logwatch/default.conf/logfiles/clam-update.conf > # Analyzes the Clam Anti-Virus update log > # /usr/share/logwatch/default.conf/logfiles/clam-update.conf (this file) > # /usr/share/logwatch/default.conf/services/clam-update.conf > # /usr/share/logwatch/scripts/services/clam-update > # /var/log/clam-update ^^^^^^^^^^^^^^^^^^^^ The above path... > # tail /var/log/clamav/freshclam.log ^^^^^^^^^^^^^^^^ And this one, differ. Is that right? Maybe "logwatch" is looking into "/var/log/clam-update/ freshclam.log" and finds nothing :-? You can make a quick test and try it with the full path: *** LogFile = /var/log/clamav/freshclam.log *** Restart the service and see what happens. Remember to change it after the test. If that works, just use a custom rule under "/etc/logwatch/conf/logfiles/ clam-update.conf" and put any modification there as the docs say. Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/pan.2010.07.27.18.32.35(a)gmail.com
From: Aniruddha on 27 Jul 2010 16:00 On Tue, Jul 27, 2010 at 8:32 PM, Camaleón <noelamac(a)gmail.com> wrote: > > Is that right? Maybe "logwatch" is looking into "/var/log/clam-update/ > freshclam.log" and finds nothing :-? > > You can make a quick test and try it with the full path: > > *** > LogFile = /var/log/clamav/freshclam.log > *** > Thanks for the help! I've added the correct logpath to 'clam-update.conf' but this didn't make any difference. # grep log /usr/share/logwatch/default.conf/logfiles/clam-update.conf # Analyzes the Clam Anti-Virus update log # /usr/share/logwatch/default.conf/logfiles/clam-update.conf (this file) # /usr/share/logwatch/default.conf/services/clam-update.conf # /usr/share/logwatch/scripts/services/clam-update # /var/log/clam-update # alert, you should delete the logfile. If there's no logfile, no alerts # will be output - but if Logwatch finds a logfile and no update attempts #LogFile = freshclam.log LogFile = /var/log/clamav/freshclam.log LogFile = clamav/freshclam.log Archive = freshclam.log.* Archive = clamav/freshclam.log.* Archive = archiv/freshclam.log.* -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/AANLkTi?uNgPVCDXGD2gZ2fJmWUXOK_u-WHgDCnk3Ph(a)mail.gmail.com
From: Camaleón on 27 Jul 2010 18:00 On Tue, 27 Jul 2010 21:52:29 +0200, Aniruddha wrote: > On Tue, Jul 27, 2010 at 8:32 PM, Camaleón <noelamac(a)gmail.com> wrote: >> >> Is that right? Maybe "logwatch" is looking into "/var/log/clam-update/ >> freshclam.log" and finds nothing :-? >> >> You can make a quick test and try it with the full path: >> >> *** >> LogFile = /var/log/clamav/freshclam.log *** >> >> > Thanks for the help! I've added the correct logpath to > 'clam-update.conf' but this didn't make any difference. (...) > LogFile = clamav/freshclam.log ^^^^^^^^^^^^^^^^^^^^ (...) Okay... after a careful reading of "/usr/share/logwatch/logwatch.conf" I've noticed that all log files are relative to path "/var/log" so the line "LogFile = clamav/freshclam.log" should be just enough for Debian systems (no need to put the full path, which otoh, is not working). Dunno why it is not detecting the log, all seems right :-? Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/pan.2010.07.27.21.51.33(a)gmail.com
|
Pages: 1 Prev: Linux filesystems was [Re: Debian cd supporting ext4.] Next: Monitoring tools to use on an account |