################### Logwatch 7.3.6 (05/19/07) #################### Processing Initiated: Tue Jun 18 03:36:22 2013 Date Range Processed: yesterday ( 2013-Jun-17 ) Period is day. Detail Level of Output: 0 Type of Output: unformatted Logfiles for Host: linode01.ovirt.org ################################################################## --------------------- httpd Begin ------------------------ Requests with error response codes 400 Bad Request /?q=admin&destination=admin: 1 Time(s) 404 Not Found /**mailman/listinfo/arch<http://lists.ovir ... n/listinfo/arch: 1 Time(s) /admin/board: 4 Time(s) /administrator/index.php: 1 Time(s) /board: 8 Time(s) /category/news/feed: 2 Time(s) /category/news/feed/: 125 Time(s) /contact.php: 1 Time(s) /favicon.ico: 490 Time(s) /index.php?action=register: 3 Time(s) /listinfo/announce: 1 Time(s) /listinfo/board: 4 Time(s) /listinfo/node-patches: 1 Time(s) /node-base/3.0.0/rpm/Fedora/18/repodata/repomd.xml: 1 Time(s) /phppath/php: 1 Time(s) /pipermail: 1 Time(s) /pipermail/cgi-bin/register.cgi: 1 Time(s) /pipermail/engine-patches/2012-October/dvdgrccar.html: 1 Time(s) /pipermail/engine-patches/2012-april/014667.html: 1 Time(s) /pipermail/infra/2012-August/000878.html&a ... ydg/contact.php: 1 Time(s) /pipermail/infra/2012-August/contact.php: 1 Time(s) /pipermail/infra/2012-November/001362.html ... 6%22%20href=%22: 2 Time(s) /pipermail/infra/2012-November/001404.html ... 7%22%20href=%22: 2 Time(s) /pipermail/infra/2012-September/001149.htm ... 41Q/contact.php: 1 Time(s) /pipermail/infra/2012-September/contact.php: 1 Time(s) /pipermail/node-devel/2011-december.txt.gz: 1 Time(s) /pipermail/node-devel/2012-april/000204.html: 2 Time(s) /pipermail/node-devel/2012-august/thread.html: 1 Time(s) /pipermail/node-devel/2012-june/author.html: 1 Time(s) /pipermail/node-devel/2012-october/subject.html: 1 Time(s) /pipermail/register.cgi: 2 Time(s) /pipermail/user?destination=node/add: 1 Time(s) /pipermail/users/2012-August/008843.html++ ... orms+are+found;: 1 Time(s) /pipermail/users/2012-June/008252.html++++ ... orms+are+found;: 1 Time(s) /pipermail/users/2012-may/001831.html: 1 Time(s) /pipermail/users/2012-may/001864.html: 1 Time(s) /pipermail/users/2012-may/001891.html: 1 Time(s) /pipermail/users/2012-may/002089.html: 1 Time(s) /pipermail/users/2012-october/: 1 Time(s) /releases/3.2/rpm/EL/6/noarch/repodata/: 1 Time(s) /releases/3.2/rpm/EL/6/noarch/repodata/repomd.xml: 4 Time(s) /releases/3.2/rpm/EL/6/noarch/repodata/repomd.xml:: 4 Time(s) /releases/3.2/rpm/fedora/18/noarch/: 1 Time(s) /releases/beta.old.20120808/binary/?C=N%3bO=A: 1 Time(s) /releases/beta/fedora/17/repodata/repomd.xml: 15 Time(s) /releases/beta/ovirt-engine.repo: 7 Time(s) /releases/nightly/fedora/16/repodata/repomd.xml: 111 Time(s) /releases/nightly/rpm/EL/6/hooks/repodata/other.xml.gz: 1 Time(s) /releases/nightly/rpm/Fedora/17/repodata/2 ... ther.sqlite.bz2: 12 Time(s) /releases/nightly/rpm/Fedora/17/repodata/b ... ists.sqlite.bz2: 10 Time(s) /releases/nightly/rpm/Fedora/17/repodata/e ... ther.sqlite.bz2: 10 Time(s) /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/6 ... ther.sqlite.bz2: 4 Time(s) /releases/nightly/rpm/Fedora/18/repodata/8 ... ther.sqlite.bz2: 2 Time(s) /releases/nightly/rpm/Fedora/18/repodata/a ... ther.sqlite.bz2: 1 Time(s) /releases/ovirt-release-el.rpm: 1 Time(s) /releases/ovirt-release-fedora.rpm: 1 Time(s) /releases/ovirt-release-fodora.noarch.rpm: 1 Time(s) /releases/stable/binary/: 6 Time(s) /releases/stable/binary/ovirt-engine-sdk-1.0-1.tar.gz: 1 Time(s) /releases/stable/fedora/16/: 5 Time(s) /releases/stable/fedora/16/repodata/repomd.xml: 251 Time(s) /releases/stable/ovirt-engine.repo: 10 Time(s) /releases/stable/rpm/EL/6.2/repodata/repomd.xml: 1 Time(s) /releases/stable/rpm/EL/6Server/repodata/repomd.xml: 21 Time(s) /releases/stable/rpm/EL/6Server/repodata/repomd.xml:: 3 Time(s) /releases/stable/rpm/EL/6http://dev.centos ... 6/ovirt/x86_64/: 1 Time(s) /releases/stable/rpm/EL6/$releasever/: 1 Time(s) /releases/stable/rpm/EL6/6/repodata/repomd.xml: 16 Time(s) /releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 16 Time(s) /releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 3 Time(s) /releases/stable/rpm/Fedora/15/repodata/repomd.xml: 13 Time(s) /releases/stable/rpm/Fedora/16/repodata/repomd.xml: 52 Time(s) /releases/user/login?destination=node/add: 18 Time(s) /releases/user?destination=node/add: 1 Time(s) /robots.txt: 62 Time(s) /trafficbasedsspsitemap.xml: 2 Time(s) /user/login?destination=node/add: 2 Time(s) /user/register: 1 Time(s) /wp-content/themes/continuum/timthumb.php? ... r.com%2Fplk.php: 1 Time(s) /wp-content/themes/premiumnews/functions/t ... r.com%2Fplk.php: 1 Time(s) /wp-content/uploads/2011/09/ovirt.png: 1 Time(s) /wp-login.php: 2 Time(s) 416 Request Range Not Satisfiable /releases/beta/rpm/Fedora/18/x86_64/vdsm-4 ... fc18.x86_64.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/noarch/oto ... fc18.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 2 Time(s) /releases/stable/rpm/Fedora/18/i686/vdsm-4 ... 6.fc18.i686.rpm: 3 Time(s) /releases/stable/rpm/Fedora/18/i686/vdsm-4 ... 8.fc18.i686.rpm: 1 Time(s) /releases/stable/rpm/Fedora/18/noarch/otop ... fc18.noarch.rpm: 3 Time(s) /releases/stable/rpm/Fedora/18/noarch/ovir ... fc18.noarch.rpm: 7 Time(s) /releases/stable/rpm/Fedora/18/noarch/vdsm ... fc18.noarch.rpm: 24 Time(s) /releases/stable/rpm/Fedora/18/x86_64/vdsm ... fc18.x86_64.rpm: 5 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sudo: Authentication Failures: knesenko(517) -> knesenko: 1 Time(s) Unknown Entries: conversation failed: 6 Time(s) auth could not identify password for [knesenko]: 5 Time(s) auth could not identify password for [ekohl]: 1 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 82 *Warning: Pre-queue content-filter connection overload 1 Miscellaneous warnings 68.737M Bytes accepted 72,075,712 865.700M Bytes delivered 907,752,701 ======== ================================================ 2925 Accepted 99.80% 6 Rejected 0.20% -------- ------------------------------------------------ 2931 Total 100.00% ======== ================================================ 2 Reject relay denied 33.33% 4 Reject unknown user 66.67% -------- ------------------------------------------------ 6 Total Rejects 100.00% ======== ================================================ 1900 Connections made 8 Connections lost 1900 Disconnections 2843 Removed from queue 1018 Delivered 39421 Sent via SMTP 8 Forwarded 110 Deferred 1681 Deferrals 59 Bounce (local) 26 Bounce (remote) 3 Expired and returned to sender 88 DSNs undeliverable 1189 Connection failure (outbound) 3 Timeout (inbound) 2 MX error 56 Hostname verification errors 2 Hostname validation error 508 Enabled PIX workaround ---------------------- Postfix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ **Unmatched Entries** usermod: change user 'knesenko' password: 1 Time(s) ---------------------- Connections (secure-log) End ------------------------- --------------------- SSHD Begin ------------------------ Users logging in through sshd: ekohl: 217.119.231.199 (bogey.xentower.nl): 1 time gerrit-backup: 107.22.212.69 (gerrit.ovirt.org): 3 times jenkins: 50.19.1.136 (ec2-50-19-1-136.compute-1.amazonaws.com): 1 time 89.31.150.215 (alterway01.ovirt.org): 1 time jslave: 23.20.17.161 (ec2-23-20-17-161.compute-1.amazonaws.com): 1 time knesenko: 79.176.122.10 (bzq-79-176-122-10.red.bezeqint.net): 2 times Received disconnect: 11: Bye Bye : 1588 Time(s) 11: disconnected by user : 8 Time(s) SFTP subsystem requests: 2 Time(s) **Unmatched Entries** reverse mapping checking getaddrinfo for 46.219.33.59.freenet.com.ua [46.219.33.59] failed - POSSIBLE BREAK-IN ATTEMPT! : 6 time(s) reverse mapping checking getaddrinfo for 12-148-60-61-savecom [61.60.148.12] failed - POSSIBLE BREAK-IN ATTEMPT! : 90 time(s) reverse mapping checking getaddrinfo for 173.255.143.241.static.westdc.net [173.255.143.241] failed - POSSIBLE BREAK-IN ATTEMPT! : 236 time(s) reverse mapping checking getaddrinfo for ip223.hichina.com [223.4.206.38] failed - POSSIBLE BREAK-IN ATTEMPT! : 450 time(s) reverse mapping checking getaddrinfo for 26.ip-176-31-184.eu [176.31.184.26] failed - POSSIBLE BREAK-IN ATTEMPT! : 620 time(s) ---------------------- SSHD End ------------------------- --------------------- Sudo (secure-log) Begin ------------------------ ============================================================================== ekohl => root ------------- /usr/bin/less - 1 Times. /usr/bin/puppet - 3 Times. ============================================================================== knesenko => root ---------------- /bin/su - 3 Times. /usr/bin/passwd - 1 Times. **Unmatched Entries** pam_unix(sudo:auth): conversation failed: 6 Time(s) pam_unix(sudo:auth): auth could not identify password for [knesenko]: 5 Time(s) pam_unix(sudo:auth): auth could not identify password for [ekohl]: 1 Time(s) ---------------------- Sudo (secure-log) End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/xvda 59G 52G 7.8G 87% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################