FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 07-27-2010, 02:37 PM
Aniruddha
 
Default Logwatchfreshclam log error

I get the following error message with logwatch:

--------------------------------------------------------------
No updates detected in the log for the freshclam daemon (the
ClamAV update process).
--------------------------------------------------------------

I already filed a bug because imo the default settings aren't working.
Now I try to solve this but I can't pinpoint the exact root cause.
Freshclam is working and running.


I tried creating a 'clam-update.conf' with the correct path, this didn't
work. Anyone else who has an idea what might be the problem? Thanks in
advance! Some relevant information:







---------------------------------------------------------------
# cat /usr/share/logwatch/dist.conf/logfiles/clam-update.conf
LogFile = /var/log/clamav/freshclam.log

# /etc/init.d/clamav-freshclam status
freshclam is running.

# grep log /usr/share/logwatch/default.conf/logfiles/clam-update.conf#
Analyzes the Clam Anti-Virus update log

# /usr/share/logwatch/default.conf/logfiles/clam-update.conf (this file)
# /usr/share/logwatch/default.conf/services/clam-update.conf
# /usr/share/logwatch/scripts/services/clam-update
# /var/log/clam-update
# alert, you should delete the logfile. If there's no logfile, no alerts
# will be output - but if Logwatch finds a logfile and no update attempts
LogFile = freshclam.log
LogFile = clamav/freshclam.log
Archive = freshclam.log.*
Archive = clamav/freshclam.log.*
Archive = archiv/freshclam.log.*

# tail /var/log/clamav/freshclam.log
Tue Jul 27 15:39:24 2010 -> ClamAV update process started at Tue Jul 27
15:39:24 2010
Tue Jul 27 15:39:24 2010 -> main.cvd is up to date (version: 52, sigs:
704727, f-level: 44, builder: sven)

Tue Jul 27 15:39:54 2010 -> nonblock_connect: connect timing out (30 secs)
Tue Jul 27 15:39:54 2010 -> Can't connect to port 80 of host
db.local.clamav.net (IP: 192.121.13.5)
Tue Jul 27 15:39:54 2010 -> Trying host db.local.clamav.net
(193.1.193.64)...

Tue Jul 27 15:39:54 2010 -> Downloading daily-11440.cdiff [100%]
Tue Jul 27 15:39:54 2010 -> daily.cld updated (version: 11440, sigs:
107962, f-level: 53, builder: arnaud)
Tue Jul 27 15:39:54 2010 -> bytecode.cld is up to date (version: 32,
sigs: 8, f-level: 53, builder: edwin)
Tue Jul 27 15:39:54 2010 -> Database updated (812697 signatures) from
db.local.clamav.net (IP: 193.1.193.64)

Tue Jul 27 15:39:54 2010 -> --------------------------------------


Logwatch error message:
--------------------- clam-update Begin ------------------------


No updates detected in the log for the freshclam daemon (the
ClamAV update process). If the freshclam daemon is not running,
you may need to restart it. Other options:

A. If you no longer wish to run freshclam, deleting the log file
(default is freshclam.log) will suppress this error message.

B. If you use a different log file, update the appropriate
configuration file. For example:
echo "LogFile = log_file" >>
/etc/logwatch/conf/logfiles/clam-update.conf

where log_file is the filename of the freshclam log file.

C. If you are logging using syslog, you need to indicate that your
log file uses the syslog format. For example:
echo "*OnlyService = freshclam" >>
/etc/logwatch/conf/logfiles/clam-update.conf
echo "*RemoveHeaders" >>
/etc/logwatch/conf/logfiles/clam-update.conf


---------------------- clam-update End -------------------------


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: 4C4EEF3F.90402@gmail.com">http://lists.debian.org/4C4EEF3F.90402@gmail.com
 
Old 07-27-2010, 06:32 PM
Camaleón
 
Default Logwatchfreshclam log error

On Tue, 27 Jul 2010 16:37:51 +0200, Aniruddha wrote:

> I get the following error message with logwatch:

(...)

> # grep log /usr/share/logwatch/default.conf/logfiles/clam-update.conf
> # Analyzes the Clam Anti-Virus update log
> # /usr/share/logwatch/default.conf/logfiles/clam-update.conf (this file)
> # /usr/share/logwatch/default.conf/services/clam-update.conf
> # /usr/share/logwatch/scripts/services/clam-update
> # /var/log/clam-update
^^^^^^^^^^^^^^^^^^^^

The above path...

> # tail /var/log/clamav/freshclam.log
^^^^^^^^^^^^^^^^

And this one, differ.

Is that right? Maybe "logwatch" is looking into "/var/log/clam-update/
freshclam.log" and finds nothing :-?

You can make a quick test and try it with the full path:

***
LogFile = /var/log/clamav/freshclam.log
***

Restart the service and see what happens. Remember to change it after the
test.

If that works, just use a custom rule under "/etc/logwatch/conf/logfiles/
clam-update.conf" and put any modification there as the docs say.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2010.07.27.18.32.35@gmail.com">http://lists.debian.org/pan.2010.07.27.18.32.35@gmail.com
 
Old 07-27-2010, 07:52 PM
Aniruddha
 
Default Logwatchfreshclam log error

On Tue, Jul 27, 2010 at 8:32 PM, Camaleón <noelamac@gmail.com> wrote:
>
> Is that right? Maybe "logwatch" is looking into "/var/log/clam-update/
> freshclam.log" and finds nothing :-?
>
> You can make a quick test and try it with the full path:
>
> ***
> LogFile = /var/log/clamav/freshclam.log
> ***
>

Thanks for the help! *I've added the correct logpath to
'clam-update.conf'* but this didn't make any difference.

# grep log /usr/share/logwatch/default.conf/logfiles/clam-update.conf

# Analyzes the Clam Anti-Virus update log
# /usr/share/logwatch/default.conf/logfiles/clam-update.conf (this file)
# /usr/share/logwatch/default.conf/services/clam-update.conf
# /usr/share/logwatch/scripts/services/clam-update
# /var/log/clam-update
# alert, you should delete the logfile. If there's no logfile, no alerts
# will be output - but if Logwatch finds a logfile and no update attempts
#LogFile = freshclam.log
LogFile = /var/log/clamav/freshclam.log
LogFile = clamav/freshclam.log
Archive = freshclam.log.*
Archive = clamav/freshclam.log.*
Archive = archiv/freshclam.log.*


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: AANLkTi=onuNgPVCDXGD2gZ2fJmWUXOK_u-WHgDCnk3Ph@mail.gmail.com">http://lists.debian.org/AANLkTi=onuNgPVCDXGD2gZ2fJmWUXOK_u-WHgDCnk3Ph@mail.gmail.com
 
Old 07-27-2010, 09:51 PM
Camaleón
 
Default Logwatchfreshclam log error

On Tue, 27 Jul 2010 21:52:29 +0200, Aniruddha wrote:

> On Tue, Jul 27, 2010 at 8:32 PM, Camaleón <noelamac@gmail.com> wrote:
>>
>> Is that right? Maybe "logwatch" is looking into "/var/log/clam-update/
>> freshclam.log" and finds nothing :-?
>>
>> You can make a quick test and try it with the full path:
>>
>> ***
>> LogFile = /var/log/clamav/freshclam.log ***
>>
>>
> Thanks for the help! *I've added the correct logpath to
> 'clam-update.conf'* but this didn't make any difference.

(...)

> LogFile = clamav/freshclam.log
^^^^^^^^^^^^^^^^^^^^
(...)

Okay... after a careful reading of "/usr/share/logwatch/logwatch.conf"
I've noticed that all log files are relative to path "/var/log" so the
line "LogFile = clamav/freshclam.log" should be just enough for Debian
systems (no need to put the full path, which otoh, is not working).

Dunno why it is not detecting the log, all seems right :-?

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2010.07.27.21.51.33@gmail.com">http://lists.debian.org/pan.2010.07.27.21.51.33@gmail.com
 

Thread Tools




All times are GMT. The time now is 01:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org