Trimming down LogWatch e-mail

Mariano Draghi chaghi at sion.com
Mon Mar 27 23:41:38 UTC 2006 

Hi,

I installed LogWatch in Ubuntu Breezy, because (comming from another
distro) I'm pretty accustomed to read the important things that happen
on my box daily. So I configured it to send a daily mail to the root
account (and I have root mail automatically forwarded to my local
inbox, so I can read it nicely from Evolution).

The problem is that the emails being generated by LogWatch are TOO long
to be useful. I've made a little research, and found that the culprits
seem to be Firestarter (and/or iptables), something in the kernel
related to the keyboard, and the mail-notification applet.

Thogether, they are flooding syslog.

Does anyone know how to turn off the loggin of the packets received
through the network interfaces? And what means the messages about
atkbd.c? (and if I should be worried...) And the ones from
mail-notification?

Here are the details:

> Logged 3726 packets on interface eth1
>    From 12.26.152.37 - 1 packet
>       To 192.168.10.4 - 1 packet
>          Service: 1026 (udp/1026) ([4407585.288000] Inbound,eth1,none) - 1 packet
>    From 12.220.190.210 - 1 packet
>       To 192.168.10.4 - 1 packet
>          Service: 32459 (udp/32459) ([4379960.151000] Inbound,eth1,none) - 1 packet
>    From 15.145.89.91 - 2 packets
>       To 192.168.10.4 - 2 packets
>          Service: 1025 (udp/1025) ([4449135.281000]
>Inbound,eth1,none) - 1 packet
>
...

Then, I have plenty of these:
>  1 Time(s): [4370073.892000] atkbd.c: Unknown key pressed (translated set 2, code 0xaa on isa0060/serio0).
>  1 Time(s): [4370073.892000] atkbd.c: Use 'setkeycodes e02a <keycode>' to make it known.
>  1 Time(s): [4370074.003000] atkbd.c: Unknown key released (translated
> set 2, code 0xaa on isa0060/serio0).
...

(I'm a little worried by those...)

Both kind of messages represent something like the 80% of the "garbage".


Then I have these "unmatched entries":
> mail-notification: No worthy mechs found
> mail-notification: No worthy mechs found
> mail-notification: No worthy mechs found
> mail-notification: No worthy mechs found
...

I'm using the mail-notification applet, so I suppose those come from
there... but I've been using that applet for ages, and I've never seen
anything in syslog about it.


Any clues will be greatly appreciated!

Regards,

-- 
Mariano

More information about the ubuntu-users mailing list