fredrik/logcheck
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
f81fba1f3334c8d035ac7770e40a67d8bdb7d4a1
logcheck/testlog
Fredrik Wahlberg f81fba1f33 Ytterligare några rader
2016-03-27 16:46:31 +02:00

135 lines
16 KiB
Plaintext
Raw Blame History

Mar 16 21:43:05 kvarnen named[8896]: master 66.23.226.92#53 (source 0.0.0.0#0) deleted from unreachable cache
Mar 16 21:43:05 kvarnen named[8896]: transfer of 'wahlberg.se/IN' from 66.23.226.92#53: connected using 95.170.86.14#37390
Mar 17 04:51:05 kvarnen freshclam[485]: Empty script main-56.cdiff, need to download entire database
Mar 17 04:51:48 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
Mar 17 04:51:48 kvarnen freshclam[485]: WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 145.58.29.83)
Mar 17 04:51:48 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
Mar 17 04:51:48 kvarnen freshclam[485]: Trying again in 5 secs...
Mar 17 04:52:54 kvarnen freshclam[485]: Empty script main-56.cdiff, need to download entire database
Mar 17 04:53:24 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
Mar 17 04:53:24 kvarnen freshclam[485]: WARNING: getfile: Error while reading database from db.local.clamav.net (IP: 194.109.6.97): Operation now in progress
Mar 17 04:53:24 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
Mar 17 04:53:24 kvarnen freshclam[485]: Trying again in 5 secs...
Mar 17 04:53:37 kvarnen freshclam[485]: WARNING: getfile: Error while reading database from db.local.clamav.net (IP: 217.19.16.188): Connection reset by peer
Mar 17 04:53:37 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:53:37 kvarnen freshclam[485]: connect_error: getsockopt(SO_ERROR): fd=4 error=111: Connection refused
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
Mar 17 04:54:37 kvarnen freshclam[485]: connect_error: getsockopt(SO_ERROR): fd=4 error=111: Connection refused
Mar 17 04:54:37 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
Mar 17 04:54:37 kvarnen freshclam[485]: Trying again in 5 secs...
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
Mar 17 05:02:18 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
Mar 17 05:02:18 kvarnen freshclam[485]: WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 145.58.29.83)
Mar 17 05:02:18 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
Mar 17 05:02:18 kvarnen freshclam[485]: Trying again in 5 secs...
Mar 17 05:02:24 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 05:02:24 kvarnen freshclam[485]: ERROR: getpatch: Can't download main-56.cdiff from db.local.clamav.net
Mar 17 05:02:24 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
Mar 17 05:07:21 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
Mar 17 05:07:21 kvarnen freshclam[485]: ERROR: getfile: Download interrupted: Inappropriate ioctl for device (IP: 145.58.29.83)
Mar 17 05:07:21 kvarnen freshclam[485]: ERROR: Can't download main.cvd from db.local.clamav.net
Mar 17 05:07:21 kvarnen freshclam[485]: Giving up on db.local.clamav.net...
Mar 17 05:07:22 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from database.clamav.net
Mar 17 05:07:22 kvarnen freshclam[485]: ERROR: getpatch: Can't download main-56.cdiff from database.clamav.net
Mar 17 05:07:22 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
Mar 17 05:07:22 kvarnen freshclam[485]: connect_error: getsockopt(SO_ERROR): fd=4 error=111: Connection refused
Mar 17 05:07:22 kvarnen freshclam[485]: Can't connect to port 80 of host database.clamav.net (IP: 145.58.29.83)
Mar 17 05:07:22 kvarnen freshclam[485]: Trying host database.clamav.net (213.73.255.243)...
Mar 17 05:07:52 kvarnen freshclam[485]: Can't connect to port 80 of host database.clamav.net (IP: 213.73.255.243)
Mar 17 05:07:52 kvarnen freshclam[485]: ERROR: Can't download main.cvd from database.clamav.net
Mar 17 05:07:52 kvarnen freshclam[485]: Giving up on database.clamav.net...
Mar 17 05:07:52 kvarnen freshclam[485]: Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
Mar 17 06:27:00 kvarnen freshclam[485]: Downloading main.cvd [100%]
Mar 17 06:27:06 kvarnen freshclam[485]: WARNING: getfile: Unknown response from remote server (IP: 145.58.29.83)
Mar 17 06:30:26 kvarnen freshclam[485]: Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
Mar 18 20:23:08 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<y+JQrVcuJwDIRGPZ>
Mar 20 11:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 00:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 01:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 02:40:01 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<ZBvPLIUufADIRGPZ>
Mar 21 02:40:02 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<vA/kLIUuLADIRGPZ>
Mar 21 02:40:04 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<7uj4LIUuMQDIRGPZ>
Mar 21 02:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 03:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 04:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 05:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Mar 21 05:58:32 kvarnen named[8896]: zone happysthlm.se/IN: refresh: retry limit for master 66.23.226.92#53 exceeded (source 0.0.0.0#0)
Mar 21 05:58:39 kvarnen named[8896]: transfer of 'happysthlm.se/IN' from 66.23.226.92#53: connected using 95.170.86.14#33872
Mar 22 13:03:22 kvarnen dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=218.29.231.21, lip=95.170.86.14, session=<zjjk/6EudwDaHecV>
Mar 22 13:03:26 kvarnen dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=218.29.231.21, lip=95.170.86.14, session=<OsoiAKIu3ADaHecV>
Mar 22 13:03:29 kvarnen dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=218.29.231.21, lip=95.170.86.14, session=<vGlWAKIu5QDaHecV>
Mar 22 15:00:30 kvarnen dovecot: imap-login: Aborted login (no auth attempts in 0 secs): user=<>, rip=188.138.1.218, lip=95.170.86.14, session=<ZMLXoqMuFwC8igHa>
Mar 22 13:31:42 nada sendmail[24653]: gethostbyaddr(127.0.0.2) failed: 1
Mar 22 18:05:16 nada sshd[29644]: Received disconnect from 91.193.74.7: 11: Bye [preauth]
Mar 23 02:41:44 nada spamd[19688]: pyzor: check failed: internal error, python traceback seen in response
Mar 23 05:48:21 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=ammis@lubcke.se uid=0 euid=0 tty=dovecot ruser=ammis@lubcke.se rhost=182.68.167.174
Mar 23 05:48:21 nada auth: pam_unix(dovecot:auth): check pass; user unknown
Mar 23 05:48:21 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=ammis@lubcke.se rhost=182.68.167.174
Mar 23 05:48:25 nada dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<ammis@lubcke.se>, method=PLAIN, rip=182.68.167.174, lip=66.23.226.92, TLS, session=<rVEJCrAubwC2RKeu>
Mar 23 07:01:37 nada spamd[14446]: pyzor: check failed: internal error, python traceback seen in response
Mar 23 10:07:56 nada sm-mta[20809]: u2N97qjp020809: hostby.ankas-group.net [46.161.40.200] (may be forged): possible SMTP attack: command=AUTH, count=5
Mar 23 07:34:37 kvarnen sshd[25479]: Disconnecting: Change of username or service not allowed: (vmware,ssh-connection) -> (a,ssh-connection) [preauth]
Mar 23 09:24:01 kvarnen sshd[19594]: Disconnecting: Change of username or service not allowed: (suser,ssh-connection) -> (user,ssh-connection) [preauth]
Mar 23 13:36:12 nada spamd[3731]: pyzor: check failed: internal error, python traceback seen in response
Mar 23 19:49:48 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=petter@lidberg.se uid=0 euid=0 tty=dovecot ruser=petter@lidberg.se rhost=187.131.22.215
Mar 23 19:49:48 nada auth: pam_unix(dovecot:auth): check pass; user unknown
Mar 23 19:49:48 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petter@lidberg.se rhost=187.131.22.215
Mar 23 19:49:52 nada dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<petter@lidberg.se>, method=PLAIN, rip=187.131.22.215, lip=66.23.226.92, TLS, session=<K0NMy7sukQC7gxbX>
Mar 24 02:08:41 nada named[5002]: client 192.42.132.103#45345: notify question section contains no SOA
Mar 24 11:06:17 kvarnen sshd[5495]: channel 4: open failed: administratively prohibited: open failed
Mar 24 11:06:21 kvarnen sshd[5495]: channel 4: open failed: administratively prohibited: open failed
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/sent-mail
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/Trash
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/Drafts
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/mormors 100-&AOU-rsdag
Mar 24 14:05:39 nada sshd[16936]: Received disconnect from 91.193.74.7: 11: Bye [preauth]
Mar 24 18:13:26 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=fredmiranda@mc-cabe.com uid=0 euid=0 tty=dovecot ruser=fredmiranda@mc-cabe.com rhost=41.105.13.141
Mar 24 18:13:26 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=fredmiranda@mc-cabe.com rhost=41.105.13.141
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (greylist): write(Q) returned -1, expected 5: Broken pipe
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (greylist): to error state
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (spamassassin): write(Q) returned -1, expected 5: Broken pipe
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (spamassassin): to error state
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (clamav): write(Q) returned -1, expected 5: Broken pipe
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (clamav): to error state
Mar 25 19:44:04 nada sshd[20872]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
Mar 26 06:57:05 nada spamd[10050]: spamd: server hit by SIGHUP, restarting
Mar 26 06:57:05 nada spamd[10050]: spamd: child [20105] killed successfully: interrupted, signal 2 (0002)
Mar 26 06:57:05 nada spamd[10050]: spamd: child [23926] killed successfully: interrupted, signal 2 (0002)
Mar 26 06:57:05 nada spamd.pid[10050]: spamd: restarting using '/usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir --user-config -d --pidfile=/var/run/spamd.pid'
Mar 26 06:57:06 nada spamd[17910]: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:07 nada spamd[17910]: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:08 nada spamd[17910]: server socket setup failed, retry 3: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:09 nada spamd[17905]: spamd: server started on port 783/tcp (running version 3.3.2)
Mar 26 06:57:09 nada spamd[17910]: server socket setup failed, retry 4: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:10 nada spamd[17910]: server socket setup failed, retry 5: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:11 nada spamd[17910]: server socket setup failed, retry 6: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:12 nada spamd[17910]: server socket setup failed, retry 7: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:13 nada spamd[17910]: server socket setup failed, retry 8: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:14 nada spamd[17910]: server socket setup failed, retry 9: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 06:57:15 nada spamd[17910]: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Mar 26 16:18:46 nada sshd[3298]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
Mar 26 17:21:15 kvarnen epmd: epmd: invalid packet size (18245)
Mar 26 18:09:14 nada monit[5075]: 'localhost' 'localhost' cpu wait usage check succeeded [current cpu wait usage=0.0%]
Mar 26 21:45:26 nada named[5002]: validating @0xb82ba940: . NS: got insecure response; parent indicates it should be secure
Mar 26 21:45:26 nada named[5002]: managed-keys-zone ./IN: No DNSKEY RRSIGs found for '.': success
Mar 26 22:10:17 nada dovecot: pop3(ammis): Connection closed top=0/0, retr=29/1819516, del=0/73, size=4433634
Mar 26 18:09:14 nada monit[5075]: 'localhost' 'localhost' cpu wait usage check succeeded [current cpu wait usage=0.0%]
Mar 26 21:45:26 nada named[5002]: validating @0xb82ba940: . NS: got insecure response; parent indicates it should be secure
Mar 26 21:45:26 nada named[5002]: managed-keys-zone ./IN: No DNSKEY RRSIGs found for '.': success
Mar 26 22:10:17 nada dovecot: pop3(ammis): Connection closed top=0/0, retr=29/1819516, del=0/73, size=4433634
Mar 27 06:31:18 nada monit[5075]: 'clamav-milter' process PID changed from 26461 to 14050
Mar 27 06:33:18 nada monit[5075]: 'clamav-milter' process PID has not changed since last cycle
Mar 27 10:28:35 nada sshd[2326]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
Mar 27 10:28:38 nada sshd[2328]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
Reference in New Issue View Git Blame Copy Permalink