Submitted by soydemadrid on Sat, 03/04/2017 - 06:09 Pro Licensee
Hi I hope you can help.
CSF has an option for a "Syslog check" - which it states is good for security to stop bruteforce attacks on the logs...
When I enable the syslog_check though I get emails such as:
Time: Sat Mar 4 12:00:23 2017 +0000
Error: Failed to detect code [hzYGHF47QXVRduy0] in SYSLOG_LOG [/var/log/messages]
SYSLOG may not be running correctly on server
I just wondered if Virtualmin by default doesn't actually use syslog and how to get this to work or if it's best to not set this up? I don't want to harm any logs currently working etc, but would be nice if it helps security to get this working too...
Thanks for any help.
Status:
Active
Comments
Submitted by andreychek on Sat, 03/04/2017 - 08:28 Comment #1
Howdy -- all the distros that Virtualmin supports come with Syslog enabled (even before Virtualmin is installed).
I'm not sure what they code they're referring to is, but you may want to see if there's another log file in /var/log that contains what you're looking for.
Submitted by soydemadrid on Sat, 03/04/2017 - 09:45 Pro Licensee Comment #2
Hi I believe I've found the issue which is Ubuntu specific:
https://forum.configserver.com/viewtopic.php?t=6615
Thanks for the help.