Logwatch for linode01.ovirt.org (Linux)

################### Logwatch 7.3.6 (05/19/07) #################### Processing Initiated: Tue Jan 29 03:13:15 2013 Date Range Processed: yesterday ( 2013-Jan-28 ) Period is day. Detail Level of Output: 0 Type of Output: unformatted Logfiles for Host: linode01.ovirt.org ################################################################## --------------------- httpd Begin ------------------------ Requests with error response codes 400 Bad Request HTTP/1.1: 2 Time(s) 404 Not Found //admin/categories.php/login.php?cPath=&ac ... product_preview: 20 Time(s) //appserv/main.php?appserv_root=http://www ... ent/recky.jpg??: 1 Time(s) //appserv/main.php?appserv_root=test??: 1 Time(s) //wp-content/themes/welcome_inn/thumb.php? ... ov.tr/cilik.php: 1 Time(s) /admin/banner_manager.php/login.php: 5 Time(s) /admin/categories.php/login.php: 5 Time(s) /admin/file_manager.php/login.php: 5 Time(s) /apple-touch-icon-precomposed.png: 1 Time(s) /apple-touch-icon.png: 1 Time(s) /category/news/feed: 23 Time(s) /category/news/feed/: 99 Time(s) /community-activity: 1 Time(s) /favicon.ico: 582 Time(s) /get-ovirt/: 1 Time(s) /meetings/ovirt/2012/ovirt.2012-09-19: 1 Time(s) /meetings/ovirt/2012/www.ovirt.org/wiki/Second_Release: 1 Time(s) /news-and-events/workshop/: 1 Time(s) /pipermail/engine-devel/2013-December: 1 Time(s) /pipermail/infra//admin/categories.php/log ... product_preview: 2 Time(s) /pipermail/infra//appserv/main.php?appserv ... ent/recky.jpg??: 1 Time(s) /pipermail/infra//appserv/main.php?appserv_root=test??: 1 Time(s) /pipermail/infra/2012-February/admin/banne ... r.php/login.php: 3 Time(s) /pipermail/infra/2012-February/admin/categ ... s.php/login.php: 3 Time(s) /pipermail/infra/2012-February/admin/file_ ... r.php/login.php: 3 Time(s) /pipermail/infra/2012-March//admin/categor ... product_preview: 2 Time(s) /pipermail/infra/2012-November//appserv/ma ... ent/recky.jpg??: 1 Time(s) /pipermail/infra/2012-November//appserv/ma ... erv_root=test??: 1 Time(s) /pipermail/infra/2012-November//wp-content ... ov.tr/cilik.php: 1 Time(s) /pipermail/infra/2012-November/001313.html ... r.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... .net/indeks.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... n.com%2Fbad.php: 2 Time(s) /pipermail/infra/2012-November/001330.html ... om.br%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... s.com%2Fcok.php: 3 Time(s) /pipermail/infra/2012-November/001445.html ... b.com%2Fbad.php: 10 Time(s) /pipermail/infra/2012-November/001445.html ... ov.tr/cilik.php: 1 Time(s) /pipermail/infra/2012-November/001471.html ... n.com%2Fbad.php: 3 Time(s) /pipermail/infra/2012-November/001471.html ... s.com%2Fcok.php: 3 Time(s) /pipermail/infra/2012-November/001483.html ... n.com%2Fbad.php: 2 Time(s) /pipermail/infra/2012-November/001483.html ... s.com%2Fcok.php: 26 Time(s) /pipermail/infra/2012-November/001552.html ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-November/001552.html ... s.php/login.php: 1 Time(s) /pipermail/infra/2012-November/001552.html ... soda.fm/bad.php: 1 Time(s) /pipermail/infra/2012-November/admin/banne ... r.php/login.php: 3 Time(s) /pipermail/infra/2012-November/admin/categ ... s.php/login.php: 3 Time(s) /pipermail/infra/2012-November/admin/file_ ... r.php/login.php: 3 Time(s) /pipermail/infra/2012-November/wp-content/ ... .net/indeks.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... b.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... c.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... k.com%2Fbad.php: 3 Time(s) /pipermail/infra/2012-November/wp-content/ ... n.com%2Fbad.php: 3 Time(s) /pipermail/infra/2012-November/wp-content/ ... om.br%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... r.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... s.com%2Fcok.php: 3 Time(s) /pipermail/infra/2012-November/wp-content/ ... soda.fm/bad.php: 1 Time(s) /pipermail/infra/2012-October//admin/categ ... product_preview: 10 Time(s) /pipermail/infra/2012-October//appserv/mai ... ent/recky.jpg??: 1 Time(s) /pipermail/infra/2012-October//appserv/mai ... erv_root=test??: 1 Time(s) /pipermail/infra/2012-October/001235.html/ ... product_preview: 10 Time(s) /pipermail/infra/2012-October/001243.html& ... s.com%2Fser.php: 2 Time(s) /pipermail/infra/2012-October/001243.html& ... uy%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-October/001244.html& ... s.com%2Fser.php: 2 Time(s) /pipermail/infra/2012-October/001265.html& ... s.com%2Fser.php: 2 Time(s) /pipermail/infra/2012-October/001265.html& ... uy%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-October/admin/banner ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-October/admin/categories.php/login.php: 2 Time(s) /pipermail/infra/2012-October/admin/file_m ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-October/wp-content/t ... s.com%2Fser.php: 2 Time(s) /pipermail/infra/2012-October/wp-content/t ... uy%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-September//admin/cat ... product_preview: 10 Time(s) /pipermail/infra/2012-September/001100.htm ... s.com%2Fser.php: 2 Time(s) /pipermail/infra/2012-September/001100.htm ... uy%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-September/001106.htm ... product_preview: 10 Time(s) /pipermail/infra/2012-September/wp-content ... k.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-September/wp-content ... o/wordpress.php: 1 Time(s) /pipermail/infra/2012-September/wp-content ... s.com%2Fser.php: 2 Time(s) /pipermail/infra/2012-September/wp-content ... uy%2Fstunxx.php: 1 Time(s) /pipermail/infra/admin/banner_manager.php/login.php: 3 Time(s) /pipermail/infra/admin/categories.php/login.php: 3 Time(s) /pipermail/infra/admin/file_manager.php/login.php: 3 Time(s) /pipermail/infra/wp-content/themes/r755/th ... o/wordpress.php: 1 Time(s) /pipermail/user/register: 2 Time(s) /project/resources/workshop-invitation/: 1 Time(s) /releases/3.0/rpm/Fedora/16/x86_64/: 1 Time(s) /releases/3.0/rpm/Fedora/17/x86_64/: 1 Time(s) /releases/3.1/rpm/Fedora/16/x86_64/: 1 Time(s) /releases/3.2/rpm/Fedora/17/x86_64/: 2 Time(s) /releases/3.2/tools/ovirt-live-0.9.iso: 1 Time(s) /releases/alpha/rpm/Fedora/17/repodata/repomd.xml: 3 Time(s) /releases/beta.old.20120808/: 1 Time(s) /releases/beta.old.20120808/src/: 2 Time(s) /releases/beta/deb/: 2 Time(s) /releases/beta/fedora/17/repodata/filelists.xml.gz: 24 Time(s) /releases/beta/fedora/17/repodata/other.xml.gz: 1 Time(s) /releases/beta/fedora/17/repodata/repomd.xml: 29 Time(s) /releases/beta/nightly/EL6/: 1 Time(s) /releases/beta/ovirt-engine.repo: 2 Time(s) /releases/beta/rpm/EL/6/?C=M;O=A: 1 Time(s) /releases/beta/rpm/EL/6/noarch/: 2 Time(s) /releases/beta/rpm/EL6/: 1 Time(s) /releases/beta/rpm/Fedora/17/: 1 Time(s) /releases/beta/rpm/Fedora/17/repodata/repomd.xml: 205 Time(s) /releases/beta/rpm/Fedora/17/x86_64/: 1 Time(s) /releases/beta/rpm/Fedora/18/noarch/old/?C=D;O=A: 1 Time(s) /releases/nightly/3.1.0-4/repodata/repomd.xml: 1 Time(s) /releases/nightly/binary/: 1 Time(s) /releases/nightly/binary/ovirt-node-image-2.2.3-1.1.fc16.iso: 1 Time(s) /releases/nightly/fedora/16/: 4 Time(s) /releases/nightly/fedora/16/ovirt-engine-c ... c16.noarch.rpm2: 1 Time(s) /releases/nightly/fedora/16/ovirt-engine-c ... fc16.noarch.rpm: 1 Time(s) /releases/nightly/fedora/16/ovirt-engine.repo: 2 Time(s) /releases/nightly/fedora/16/repodata/other.xml.gz: 1 Time(s) /releases/nightly/fedora/16/repodata/repomd.xml: 388 Time(s) /releases/nightly/fedora/18/: 1 Time(s) /releases/nightly/fedora/18/ovirt-engine.repo: 1 Time(s) /releases/nightly/rpm/Fedora/18/noarch/vds ... fc18.noarch.rpm: 1 Time(s) /releases/stable/binary: 1 Time(s) /releases/stable/binary/: 7 Time(s) /releases/stable/fedora: 1 Time(s) /releases/stable/fedora/16/: 2 Time(s) /releases/stable/fedora/16//repodata/repomd.xml: 1 Time(s) /releases/stable/fedora/16/ovirt-engine.repo: 2 Time(s) /releases/stable/fedora/16/repodata/: 1 Time(s) /releases/stable/fedora/16/repodata/primary.xml.gz: 24 Time(s) /releases/stable/fedora/16/repodata/repomd.xml: 202 Time(s) /releases/stable/ovirt-engine.repo: 3 Time(s) /releases/stable/rpm/EL/6/repodata/repomd.xml: 1 Time(s) /releases/stable/rpm/EL6: 1 Time(s) /releases/stable/rpm/EL6/: 2 Time(s) /releases/stable/rpm/EL6/6/repodata/repomd.xml: 83 Time(s) /releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 16 Time(s) /releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 4 Time(s) /releases/stable/rpm/EL6/i386: 1 Time(s) /releases/stable/rpm/Fedora/$releasever/: 1 Time(s) /releases/stable/rpm/Fedora/15/repodata/repomd.xml: 4 Time(s) /releases/stable/rpm/Fedora/16/repodata/: 1 Time(s) /releases/stable/rpm/Fedora/16/repodata/repomd.xml: 100 Time(s) /reports/: 1 Time(s) /robots.txt: 36 Time(s) /user/register: 3 Time(s) /wp-content/themes/Envisioned/timthumb.php ... k.com%2Fbad.php: 2 Time(s) /wp-content/themes/Envisioned/timthumb.php ... soda.fm/bad.php: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... c.com%2Fbad.php: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... n.com%2Fbad.php: 3 Time(s) /wp-content/themes/TheTravelTheme/includes ... s.com%2Fcok.php: 3 Time(s) /wp-content/themes/multidesign/scripts/tim ... r.com%2Fbad.php: 1 Time(s) /wp-content/themes/r755/thumb.php?src=http ... o/wordpress.php: 1 Time(s) /wp-content/themes/skeptical/thumb.php?src ... .net/indeks.php: 1 Time(s) /wp-content/themes/thedawn/lib/scripts/tim ... om.br%2Fbad.php: 1 Time(s) /wp-content/themes/versatile/timthumb.php? ... s.com%2Fser.php: 2 Time(s) /wp-content/themes/versatile/timthumb.php? ... uy%2Fstunxx.php: 1 Time(s) /wp-content/themes/welcome_inn/thumb.php?s ... b.com%2Fbad.php: 1 Time(s) /wp-content/themes/welcome_inn/thumb.php?s ... k.com%2Fbad.php: 1 Time(s) /wp-content/uploads/2011/09/ovirt.png: 3 Time(s) /wp-login.php: 85 Time(s) /wp-login.php?action=register: 2 Time(s) http://www.ovirt.org/azenv.php: 1 Time(s) 416 Request Range Not Satisfiable /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/other.xml.gz: 9 Time(s) /releases/stable/rpm/Fedora/18/noarch/ovir ... fc17.noarch.rpm: 5 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ su-l: Sessions Opened: root -> rydekull: 2 Time(s) root -> ewoud: 1 Time(s) root -> root: 1 Time(s) sudo: Authentication Failures: rydekull(0) -> rydekull: 3 Time(s) Unknown Entries: auth could not identify password for [rydekull]: 3 Time(s) conversation failed: 3 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 895 *Warning: Pre-queue content-filter connection overload 10.673M Bytes accepted 11,191,197 181.816M Bytes delivered 190,647,636 ======== ================================================ 1417 Accepted 99.93% 1 Rejected 0.07% -------- ------------------------------------------------ 1418 Total 100.00% ======== ================================================ 1 Reject unknown user 100.00% -------- ------------------------------------------------ 1 Total Rejects 100.00% ======== ================================================ 1627 Connections made 28 Connections lost 1627 Disconnections 1387 Removed from queue 375 Delivered 27288 Sent via SMTP 5 Forwarded 52 Deferred 714 Deferrals 4 Bounce (local) 4 Bounce (remote) 12 Expired and returned to sender 20 DSNs undeliverable 872 Connection failure (outbound) 6 Timeout (inbound) 900 Hostname verification errors 343 Enabled PIX workaround ---------------------- Postfix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ New Users: rydekull (512) ewoud (513) New Groups: rydekull (512) ewoud (513) ---------------------- Connections (secure-log) End ------------------------- --------------------- SSHD Begin ------------------------ Users logging in through sshd: gerrit-backup: 107.22.212.69 (gerrit.ovirt.org): 3 times jenkins: 107.22.215.130 (ec2-107-22-215-130.compute-1.amazonaws.com): 1 time mburns: 24.63.186.29 (c-24-63-186-29.hsd1.vt.comcast.net): 2 times rydekull: 194.237.142.3 (internet-gw-ext.ericsson.se): 1 time 213.112.33.37 (c-252170d5.012-55-6c756c10.cust.bredbandsbolaget.se): 1 time Received disconnect: 11: Bye Bye : 4151 Time(s) 11: disconnected by user : 3 Time(s) SFTP subsystem requests: 1 Time(s) **Unmatched Entries** Address 92.48.114.94 maps to vpsxen3.gbservers.co.uk, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 386 time(s) reverse mapping checking getaddrinfo for ip223.hichina.com [223.4.48.33] failed - POSSIBLE BREAK-IN ATTEMPT! : 25 time(s) ---------------------- SSHD End ------------------------- --------------------- Sudo (secure-log) Begin ------------------------ ============================================================================== mburns => root -------------- /bin/su - 1 Times. ============================================================================== rydekull => root ---------------- /bin/bash - 1 Times. /bin/ls - 2 Times. /bin/su - 1 Times. /usr/bin/id - 1 Times. list - 3 Times. **Unmatched Entries** pam_unix(sudo:auth): conversation failed: 3 Time(s) pam_unix(sudo:auth): auth could not identify password for [rydekull]: 3 Time(s) ---------------------- Sudo (secure-log) End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/xvda 48G 36G 12G 75% / /var/www/html/releases/3.1/tools/ovirt-node-iso-2.5.5-0.1.fc17.iso 173M 173M 0 100% /home/mburns/iso ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################