Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

8.106. logwatch

An updated logwatch package that fixes several bugs is now available for Red Hat Enterprise Linux 6.
Logwatch is a customizable, pluggable log-monitoring system. It will go through the user's logs for a given period of time and make a report in the areas that the user needs.

Bug Fixes

BZ#737247
Previously, logwatch did not correctly parse the up2date service's "updateLoginInfo() login info" messages and displayed them as unmatched entries. With this update, parsing of such log messages has been fixed and works as expected.
BZ#799690
Prior to this update, logwatch did not correctly parse many Openswan log messages and displayed them as unmatched entries. With this update, parsing of such log messages has been fixed and works as expected.
BZ#799987
Logwatch did not parse Dovecot 2.x log messages properly. That resulted in a lot of unmatched entries in its reports. This patch adds additional logic to correctly parse Dovecot 2.x logs, thus unmatched entries related to Dovecot 2.x messages no longer appear.
BZ#800843
The .hdr files are headers for RPM packages; they are essentially metadata. Logwatch's HTTP service parser emitted warnings for the .hdr files, even when the "Detail" parameter was set to "Low". With this update, the .hdr files are now parsed as archives, which removes spurious warnings about the .hdr files.
BZ#837034
Previously, logwatch did not correctly handle the "MailTo" option in its configuration. That resulted in no output, even though a report should have been displayed. This patch adds additional logic to correctly handle an empty "MailTo" option. As a result, output is correctly produced even when this option is empty.
BZ#888007
Prior to this update, logwatch did not correctly parse many smartd log messages and displayed them as unmatched entries. With this update, parsing of such log messages has been fixed and works as expected.
BZ#894134
Prior to this update, logwatch did not correctly parse DNS log messages with DNSSEC validation enabled and displayed them as unmatched entries. With this update, parsing of such log messages has been fixed and works as expected.
BZ#894185
Previously, logwatch did not correctly parse the postfix service's "improper command pipelining" messages and displayed them as unmatched entries. With this update, parsing of such log messages has been fixed and works as expected.
BZ#894191
Previously, logwatch did not correctly parse user names in the secure log. It improperly assumed that such names are composed of letters only and displayed messages containing names with other symbols, such as digits, as unmatched entries. With this update, parsing of user names has been enhanced to include underscores and digits, thus log messages containing such user names no longer display as unmatched entries.
BZ#974042
Logins initiated with the "su -" or "su -l" command were not correctly parsed by logwatch and were displayed as unmatched entries. This update fixes this bug.
BZ#974044
Prior to this update, logwatch did not correctly parse the RSYSLOG_FileFormat time stamps and displayed them as unmatched entries. With this update, parsing of the rsyslog time stamps has been fixed and works as expected.
BZ#974046
SSH Kerberos (GSS) logins were not correctly parsed by logwatch and were displayed as unmatched entries. This update fixes this bug.
BZ#974047
Xen virtual console logins were not correctly parsed by logwatch and were displayed as unmatched entries. This update fixes this bug.
Users of logwatch are advised to upgrade to this updated package, which fixes these bugs.