On 16 Feb 2005 at 17:58, Jody McIntyre wrote: > On Wed, Feb 16, 2005 at 04:29:39PM -0500, Martin Hicks wrote: > > > > I get a whole array of different users. I don't think its a particular > > issue unless you have weak passwords. I also have the "logwatch" > > package installed which gives me a good synopsis of failed ssh logins, > > among other info. > > How do you find logwatch overall? I used to run logcheck on my servers, > but it sent me a large number of useless log messages that obscured the > (presumably) useful information, which really defeats the purpose. I > looked for a way to tell it to stop, but couldn't find anything obvious. > Is logwatch easy to configure? Logcheck is also easy to configure. Just put the entries that you don't want to see into the logcheck.ignore files. There is more than one. Ask me for details if you want to know. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/