################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Mon Jun 3 03:48:10 2013
Date Range Processed: yesterday
( 2013-Jun-02 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host:
linode01.ovirt.org
##################################################################
--------------------- httpd Begin ------------------------
Requests with error response codes
404 Not Found
/%27: 1 Time(s)
//wp-content/themes/Avenue/timthumb.php?sr ... .log/upload.php: 1 Time(s)
//wp-content/themes/TheTravelTheme/include ... .com.mx/cpx.php: 1 Time(s)
//wp-content/themes/TheTravelTheme/include ... m.mx/shellx.php: 1 Time(s)
/How_to_Connect_to_SPICE_Console_Without_Portal: 1 Time(s)
/YaBB.cgi/: 1 Time(s)
/YaBB.pl/: 1 Time(s)
/account/register.php: 1 Time(s)
/admin.php: 2 Time(s)
/admin/banner_manager.php/login.php: 2 Time(s)
/admin/board: 1 Time(s)
/admin/file_manager.php/login.php: 2 Time(s)
/admin/file_manager.php/login.php?action=d ... s/configure.php: 2 Time(s)
/administrator/index.php: 2 Time(s)
/board: 2 Time(s)
/category/news/feed: 3 Time(s)
/category/news/feed/: 91 Time(s)
/favicon.ico: 285 Time(s)
/forums/index.php?action=registernew: 1 Time(s)
/index.php: 1 Time(s)
/index.php/forums/member/register: 1 Time(s)
/index.php?: 1 Time(s)
/index.php?a=register: 1 Time(s)
/index.php?act=Reg&CODE=00: 1 Time(s)
/index.php?action=register: 1 Time(s)
/index.php?action=registernew: 1 Time(s)
/index.php?app=core&module=global§ion=register: 1 Time(s)
/index.php?do=/user/register/: 1 Time(s)
/index.php?option=com_registration&task=register: 2 Time(s)
/index.php?page=en_Signup: 1 Time(s)
/join.php: 1 Time(s)
/listinfo/board: 1 Time(s)
/magazine.html: 1 Time(s)
/member/register: 2 Time(s)
/pipermail/account/register.php: 1 Time(s)
/pipermail/arch/2012-april/000546.html: 1 Time(s)
/pipermail/board/2012-july/000570.html: 1 Time(s)
/pipermail/engine-patches/2012-May/017645.htmlindex.php: 1 Time(s)
/pipermail/engine-patches/2012-march/009260.html: 1 Time(s)
/pipermail/engine-patches/2012-march/009273.html: 1 Time(s)
/pipermail/index.php?act=Login&CODE=00: 1 Time(s)
/pipermail/index.php?act=Reg&CODE=00: 3 Time(s)
/pipermail/index.php?action=registernew: 1 Time(s)
/pipermail/index.php?app=core&module=global§ion=login: 1 Time(s)
/pipermail/index.php?app=core&module=global§ion=register: 3 Time(s)
/pipermail/index.php?do=/user/register/: 1 Time(s)
/pipermail/index.php?option=com_registration&task=register: 1 Time(s)
/pipermail/infra//wp-content/themes/TheTra ... .com.mx/cpx.php: 1 Time(s)
/pipermail/infra//wp-content/themes/TheTra ... m.mx/shellx.php: 1 Time(s)
/pipermail/infra/2012-February/000224.html ... 578EQ/index.php: 1 Time(s)
/pipermail/infra/2012-February/000224.html ... aAYYQ/index.php: 1 Time(s)
/pipermail/infra/2012-February/000224.html ... bxK4Q/index.php: 1 Time(s)
/pipermail/infra/2012-February/index.php: 1 Time(s)
/pipermail/infra/2012-November//wp-content ... .com.mx/cpx.php: 1 Time(s)
/pipermail/infra/2012-November//wp-content ... .log/upload.php: 1 Time(s)
/pipermail/infra/2012-November//wp-content ... m.mx/shellx.php: 1 Time(s)
/pipermail/infra/2012-November/001303.html ... %2Fcoreunix.php: 1 Time(s)
/pipermail/infra/2012-November/001330.html ... .log/upload.php: 2 Time(s)
/pipermail/infra/2012-November/001330.html ... om%2Fsimpel.php: 1 Time(s)
/pipermail/infra/2012-November/001410.html ... .log/upload.php: 1 Time(s)
/pipermail/infra/2012-November/001483.html ... .log/upload.php: 2 Time(s)
/pipermail/infra/2012-November/001483.html ...
aha.com/jos.php: 1 Time(s)
/pipermail/infra/2012-November/wp-content/ ... %2Fcoreunix.php: 1 Time(s)
/pipermail/infra/2012-November/wp-content/ ... .com/shellx.php: 1 Time(s)
/pipermail/infra/2012-November/wp-content/ ... .log/upload.php: 3 Time(s)
/pipermail/infra/2012-November/wp-content/ ...
aha.com/jos.php: 1 Time(s)
/pipermail/infra/2012-November/wp-content/ ... com%2Fbyroe.php: 1 Time(s)
/pipermail/infra/2012-November/wp-content/ ...
inc.com/cpx.php: 1 Time(s)
/pipermail/infra/2012-November/wp-content/ ... om%2Fsimpel.php: 1 Time(s)
/pipermail/infra/2012-October/001202.html& ... r.php/login.php: 4 Time(s)
/pipermail/infra/2012-October/001202.html& ... s/configure.php: 2 Time(s)
/pipermail/infra/2012-October/001236.html/ ... action=register: 2 Time(s)
/pipermail/infra/2012-October/admin/banner ... r.php/login.php: 2 Time(s)
/pipermail/infra/2012-October/admin/file_m ... r.php/login.php: 2 Time(s)
/pipermail/infra/2012-October/admin/file_m ... s/configure.php: 2 Time(s)
/pipermail/infra/2012-july/000745.html: 1 Time(s)
/pipermail/infra/2012-september/001144.html: 1 Time(s)
/pipermail/infra/2013-April//wp-content/th ... .log/upload.php: 1 Time(s)
/pipermail/infra/2013-April/002530.html&am ... .log/upload.php: 1 Time(s)
/pipermail/infra/2013-May/003003.html& ... jlari.tk/xp.php: 1 Time(s)
/pipermail/infra/2013-May/wp-content/theme ... jlari.tk/xp.php: 1 Time(s)
/pipermail/infra/wp-content/themes/premium ... .com/shellx.php: 1 Time(s)
/pipermail/infra/wp-content/themes/premium ...
inc.com/cpx.php: 1 Time(s)
/pipermail/node-devel/2011-december/: 1 Time(s)
/pipermail/node-devel/2012-january.txt.gz: 1 Time(s)
/pipermail/node-devel/2012-september/subject.html: 1 Time(s)
/pipermail/register.php: 3 Time(s)
/pipermail/signup: 1 Time(s)
/pipermail/signup.php: 2 Time(s)
/pipermail/tiki-register.php: 1 Time(s)
/pipermail/ucp.php?mode=register: 1 Time(s)
/pipermail/users/2012-August/008843.html++ ... orms+are+found;: 1 Time(s)
/pipermail/wp-login.php?action=register: 1 Time(s)
/profile.php?mode=register: 1 Time(s)
/register: 1 Time(s)
/register.php: 2 Time(s)
/register/: 1 Time(s)
/registration_rules.asp?FID=0: 1 Time(s)
/releases/3.2_bak/rpm/Fedora/19/noarch/: 1 Time(s)
/releases/3.3/iso/: 1 Time(s)
/releases/beta.old.20120808/src/?C=N%3bO=A: 1 Time(s)
/releases/beta/fedora/17/repodata/repomd.xml: 2 Time(s)
/releases/nightly/binary/: 1 Time(s)
/releases/nightly/fedora/16/repodata/repomd.xml: 108 Time(s)
/releases/nightly/rpm/Fedora/17/repodata/5 ... ther.sqlite.bz2: 2 Time(s)
/releases/nightly/rpm/Fedora/17/repodata/b ... ther.sqlite.bz2: 12 Time(s)
/releases/nightly/rpm/Fedora/18/repodata/3 ... ther.sqlite.bz2: 13 Time(s)
/releases/ovirt-release-fedora-noarch.rpm: 1 Time(s)
/releases/ovirt-releases-fedora.noarch.rpm: 1 Time(s)
/releases/stable/binary/: 2 Time(s)
/releases/stable/fedora/16/ovirt-engine.repo: 3 Time(s)
/releases/stable/fedora/16/repodata/filelists.xml.gz: 1 Time(s)
/releases/stable/fedora/16/repodata/repomd.xml: 248 Time(s)
/releases/stable/ovirt-engine.repo: 4 Time(s)
/releases/stable/rpm/EL/6Server/repodata/repomd.xml: 12 Time(s)
/releases/stable/rpm/EL6/6.4/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/EL6/6/repodata/repomd.xml: 32 Time(s)
/releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 41 Time(s)
/releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 3 Time(s)
/releases/stable/rpm/Fedora/12/repodata/repomd.xml: 6 Time(s)
/releases/stable/rpm/Fedora/15/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/Fedora/16/repodata/repomd.xml: 45 Time(s)
/releases/stable/rpm/Fedora/19/repodata/repomd.xml: 31 Time(s)
/releases/stable/src/%25: 1 Time(s)
/robots.txt: 50 Time(s)
/root/passwords: 1 Time(s)
/sign_up.html: 1 Time(s)
/signup: 1 Time(s)
/signup.php: 3 Time(s)
/site/signup.php: 1 Time(s)
/ucp.php?mode=register&change_lang=en: 1 Time(s)
/user/register: 1 Time(s)
/wp-content/themes/TheTravelTheme/includes ... .log/upload.php: 2 Time(s)
/wp-content/themes/TheTravelTheme/includes ...
aha.com/jos.php: 1 Time(s)
/wp-content/themes/ecobiz/timthumb.php?src ... .log/upload.php: 1 Time(s)
/wp-content/themes/ecobiz/timthumb.php?src ... jlari.tk/xp.php: 1 Time(s)
/wp-content/themes/ecobiz/timthumb.php?src ... om%2Fsimpel.php: 1 Time(s)
/wp-content/themes/headlines/thumb.php?src ... %2Fcoreunix.php: 1 Time(s)
/wp-content/themes/headlines/thumb.php?src ... com%2Fbyroe.php: 1 Time(s)
/wp-content/themes/premiumnews/thumb.php?s ... .com/shellx.php: 1 Time(s)
/wp-content/themes/premiumnews/thumb.php?s ...
inc.com/cpx.php: 1 Time(s)
/wp-login.php: 2 Time(s)
416 Request Range Not Satisfiable
/releases/nightly/rpm/Fedora/18/noarch/oto ... fc18.noarch.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 1 Time(s)
/releases/stable/rpm/Fedora/18/i686/vdsm-4 ... 6.fc18.i686.rpm: 2 Time(s)
/releases/stable/rpm/Fedora/18/i686/vdsm-4 ... 8.fc18.i686.rpm: 1 Time(s)
/releases/stable/rpm/Fedora/18/noarch/otop ... fc18.noarch.rpm: 3 Time(s)
/releases/stable/rpm/Fedora/18/noarch/ovir ... fc18.noarch.rpm: 10 Time(s)
/releases/stable/rpm/Fedora/18/noarch/vdsm ... fc18.noarch.rpm: 21 Time(s)
/releases/stable/rpm/Fedora/18/x86_64/vdsm ... fc18.x86_64.rpm: 4 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
su-l:
Sessions Opened:
root -> knesenko: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
34 *Warning: Pre-queue content-filter connection overload
11.152M Bytes accepted 11,693,794
194.157M Bytes delivered 203,588,466
======== ================================================
1688 Accepted 99.06%
16 Rejected 0.94%
-------- ------------------------------------------------
1704 Total 100.00%
======== ================================================
16 Reject unknown user 100.00%
-------- ------------------------------------------------
16 Total Rejects 100.00%
======== ================================================
978 Connections made
14 Connections lost
978 Disconnections
1653 Removed from queue
520 Delivered
29004 Sent via SMTP
3 Forwarded
54 Deferred
889 Deferrals
8 Bounce (local)
24 Bounce (remote)
3 Expired and returned to sender
35 DSNs undeliverable
1055 Connection failure (outbound)
1 Timeout (inbound)
47 Hostname verification errors
343 Enabled PIX workaround
---------------------- Postfix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
New Users:
knesenko (517)
New Groups:
knesenko (517)
**Unmatched Entries**
usermod: add 'knesenko' to group 'wheel': 1 Time(s)
usermod: add 'knesenko' to shadow group 'wheel': 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
eedri:
109.64.196.121: 3 times
gerrit-backup:
107.22.212.69 (
gerrit.ovirt.org): 3 times
jenkins:
50.19.1.136 (
ec2-50-19-1-136.compute-1.amazonaws.com): 1 time
jslave:
23.20.17.161 (
ec2-23-20-17-161.compute-1.amazonaws.com): 1 time
Received disconnect:
11: Bye Bye : 3134 Time(s)
11: disconnected by user : 5 Time(s)
SFTP subsystem requests: 2 Time(s)
**Unmatched Entries**
reverse mapping checking getaddrinfo for n51.roycegroup.info [173.255.139.157] failed -
POSSIBLE BREAK-IN ATTEMPT! : 822 time(s)
reverse mapping checking getaddrinfo for
ip223.hichina.com [223.4.206.38] failed -
POSSIBLE BREAK-IN ATTEMPT! : 161 time(s)
reverse mapping checking getaddrinfo for 26.ip-176-31-184.eu [176.31.184.26] failed -
POSSIBLE BREAK-IN ATTEMPT! : 1431 time(s)
---------------------- SSHD End -------------------------
--------------------- Sudo (secure-log) Begin ------------------------
==============================================================================
eedri => root
-------------
/bin/bash - 3 Times.
---------------------- Sudo (secure-log) End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/xvda 59G 47G 13G 80% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################