Quote:
Originally Posted by Capt_Caveman
The location of system logs tends to vary from distro to distro, so it helps if you can tell us which one you're using.
I use Slackware 10.1 running kernel 2.4.29
Quote:
Originally Posted by Capt_Caveman
It also depends on what applications/daemons you are running.
Daemons are as follows:
PID TTY TIME CMD
1 ? 00:00:04 init
2 ? 00:00:00 keventd
3 ? 00:00:00 ksoftirqd_CPU0
4 ? 00:00:15 kswapd
5 ? 00:00:00 bdflush
6 ? 00:00:02 kupdated
10 ? 00:00:00 mdrecoveryd
11 ? 00:00:00 kreiserfsd
61 ? 00:00:03 syslogd
64 ? 00:00:00 klogd
112 ? 00:00:00 udevd
270 ? 00:00:00 khubd
386 ? 00:00:00 dhcpcd
1765 ? 00:00:00 inetd
1769 ? 00:00:13 sshd
1773 ? 00:00:00 named
1781 ? 00:00:00 crond
1784 ? 00:00:00 sendmail
1787 ? 00:00:00 sendmail
1795 ? 00:00:00 httpd
1798 tty2 00:00:00 agetty
1799 tty3 00:00:00 agetty
1800 tty4 00:00:00 agetty
1801 tty5 00:00:00 agetty
1802 tty6 00:00:00 agetty
1803 ? 00:00:00 httpd
1804 ? 00:00:00 httpd
1805 ? 00:00:00 httpd
1806 ? 00:00:00 httpd
1807 ? 00:00:00 httpd
1825 tty1 00:00:00 agetty
1867 ? 00:00:00 httpd
1912 ? 00:00:00 httpd
11531 ? 00:00:00 sshd
11534 pts/0 00:00:00 bash
11572 pts/0 00:00:00 ps
Quote:
Originally Posted by Capt_Caveman
There are also some great tools that parse the various system and application logs and mail summaries to root. A list of these can be found in the Security References thread at the top of the forum.
I have seen these tools, but I was kind of hoping to get a little creative with a script. I guess I have nothing better to do with my time. Thanks for your help.