All the report lines you posted should be accompanied by the IP addresses involved and clues in the sense of filters/paths Logwatch checks for (which you didn't post). "3 possible successful probes" means just that: a HTTP request for an existing (code 200) entity. The context, as in cracking or not, depends on what actually was requested (which you didn't post).
|