help interpreting var/log/messages log


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers help interpreting var/log/messages log
# 1  
Old 08-06-2009
help interpreting var/log/messages log

I'm using RHEL and my var/log/messages file is filled with "FTP session opened/closed" lines that happen all day:

Code:
Aug  2 04:04:38 web proftpd[31873]: 74.125.56.10 (142.231.76.249[142.231.76.249]) - FTP session closed.
Aug  2 04:05:11 web proftpd[31883]: 74.125.56.10 (142.231.88.123[142.231.88.123]) - FTP session opened.

Is this normal? We certainly don't ftp this much to the server. What does this mean?

Last edited by gaspol; 08-06-2009 at 06:00 PM..
# 2  
Old 08-06-2009
I'm no proftp expert but I imagine one of the IP addresses listed is of the FTP client accessing your server, the IP address is of the network port that proftpd is servicing on your server. If you do not recognise one of the IP addresses as one from your system then perhaps you have an unwanted visitor?
# 3  
Old 08-06-2009
Unfortunately it means what it looks like. Something's opening and closing lots of FTP sessions. The IP addresses are client IP addresses. Check for other proftpd lines saying 'Login successful.' to see if they got in, and if so, as whom.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Meaning of /var/log/messages

I am getting a lot of message as follows in /var/log/message files as follows. messages.1:559:May 4 20:01:56 SERVER2 kernel: session_stat: sync=0 async=33 aretr=0 messages.1:560:May 4 20:02:42 SERVER2 kernel: session_stat: dev=fd:5 state=6 blksize=4096 mmapsize=262144 messages.1:561:May 4... (2 Replies)
Discussion started by: Anjan Ganguly
2 Replies

2. Shell Programming and Scripting

Transfer the logs being thrown into /var/log/messages into another file example /var/log/volumelog

I have been searching and reading about syslog. I would like to know how to Transfer the logs being thrown into /var/log/messages into another file example /var/log/volumelog. tail -f /var/log/messages dblogger: msg_to_dbrow: no logtype using missing dblogger: msg_to_dbrow_str: val ==... (2 Replies)
Discussion started by: kenshinhimura
2 Replies

3. Shell Programming and Scripting

Log all the commands input by user at real time in /var/log/messages

Below is my script to log all the command input by any user to /var/log/messages. But I cant achieve the desired output that i want. PLease see below. function log2syslog { declare COMMAND COMMAND=$(fc -ln -0) logger -p local1.notice -t bash -i -- "$USER:$COMMAND" } trap... (12 Replies)
Discussion started by: invinzin21
12 Replies

4. UNIX for Advanced & Expert Users

Controlling /var/log/messages

The /var/log/messages folder grows exponentially - in 3 hours it went up from 70 K to 6GB. I have an application and it keeps writing such logs at very high speed. Which of the following feature has to be disabled? The entry in syslog.config is shown below ... (1 Reply)
Discussion started by: nathan_nathan
1 Replies

5. Shell Programming and Scripting

How can view log messages between two time frame from /var/log/message or any type of log files

How can view log messages between two time frame from /var/log/message or any type of log files. when logfiles are very big and especially many messages with in few minutes, I would like to display log messages between 5 minute interval. Could you pls give me the command? (1 Reply)
Discussion started by: johnveslin
1 Replies

6. Solaris

Difference between /var/log/syslog and /var/adm/messages

Hi, Is the contents in /var/log/syslog and /var/adm/messages are same?? Regards (3 Replies)
Discussion started by: vks47
3 Replies

7. UNIX for Advanced & Expert Users

/var/adm/messages vs /var/log/messages

The /var/adm/messages in Solaris seem to log more system messages/errors compared to /var/log/messages in Linux. I checked the log level in Linux and they seem OK. Is there any other log file that contains the messages or is it just that Linux doesn't log great many things? (2 Replies)
Discussion started by: gomes1333
2 Replies

8. UNIX for Dummies Questions & Answers

(/var/log/messages) issue

Hi, I found this in my logs today for vsftpd: Nov 17 08:43:58 ftp vsftpd: Tue Nov 17 13:43:58 2009 OK LOGIN: Client "205.150.86.90" Nov 17 08:44:49 ftp avahi-daemon: Withdrawing address record for 205.111.86.22 on eth0. Nov 17 08:44:49 ftp avahi-daemon: Leaving mDNS multicast group on... (6 Replies)
Discussion started by: mojoman
6 Replies

9. Solaris

diff b/w /var/log/syslog and /var/adm/messages

hi sirs can u tell the difference between /var/log/syslogs and /var/adm/messages in my working place i am having two servers. in one servers messages file is empty and syslog file is going on increasing.. and in another servers message file is going on increasing but syslog file is... (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies

10. UNIX for Dummies Questions & Answers

/var/log/messages

Which programm, deamon or script is responsible for filling the file /var/log/messages ? (1 Reply)
Discussion started by: Cozmic
1 Replies
Login or Register to Ask a Question