Logwatch/xinetd configuration mismatch

Solution Verified - Updated -

Issue

  • Log type is incorrect for xinetd

  • Logwatch is not logging xinetd properly:

RHEL 5 and RHEL 6:
[root@server1] etc [3:47] grep log_type xinetd.conf
        log_type        = SYSLOG daemon info 

RHEL 4 and RHEL 3:

[root@server2] etc [3:485] grep log_type xinetd.conf
        log_type                = SYSLOG authpriv

Logwatch's xinetd logs are checked by /usr/share/logwatch/scripts/services/secure, which in turn uses /usr/share/logwatch/default.conf/logfiles/secure.conf, which only checks:

LogFile = secure
LogFile = authlog
LogFile = auth.log
LogFile = auth.log.0

"daemon" logs are in /var/log/messages while "authpriv" logs are in /var/log/secure, this results xinetd logs not showing in logwatch report on RHEL5 and RHEL6 systems.

Environment

  • Red Hat Enterprise Linux 6 (RHEL 6)

  • Red Hat Enterprise Linux 5 (RHEL 5)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content