Trouble getting logcheck to run
hello LQ members
I've installed logcheck from the pclinuxos repos. I am using version 1.3.7 I ran logcheck without any parameters and the output said to use this code to run it. Code:
su -s /bin/bash -c "/usr/sbin/logcheck" logcheck su: Authentication failure I know my root password and I know for a fact, I entered it correctly but logcheck seems not able to authenticate it. I even log in as root and tried to run logcheck and I got this message logcheck should not be run as root. Use su to invoke logcheck: su -s /bin/bash -c "/usr/sbin/logcheck" logcheck Or use sudo: sudo -u logcheck logcheck. I think it's a bug. Do you know a similar program I could try? Thanks |
Since logcheck didn't work, I've installed logwatch and it work out of the box.
|
Quote:
Indeed Logwatch is the "better" choice compared to logcheck. First of all logcheck was created by the same person that created PortSentry (a tool one should not use as it's deprecated) who then sold his product to a large AV company and subsequently logcheck hasn't been updated in 10 years and ergo the default filters it comes with are old ("not good enough" would be an understatement). Logwatch is maintained, comes with a good set of filters, employs black listing (see any "white listing vs black listing" text for why this is important) and it is easy to add new services. |
Quote:
You are authenticating as the user "logcheck" not "root". But, as above - use logwatch instead. |
All times are GMT -5. The time now is 11:07 PM. |