Reading dovcot unmatched entries log
Good morning all,
I'm struggling to figure out what a log is telling me. I have a lot of unmatched entries similar to this example:
dovecot: imap(__cpanel__service__auth__imap__08_LONG_STRING_OF_ALPHANUMERICS_): Logged out in=11, out=434, bytes=11/434: 1 Time(s)
Obviously I changed the identifier to "LONG_STRING_OF_ALPHANUMERICS" because I'm not sure if it's safe to post it.
Is there a way to read this and identify which account or domain is creating this unmatched entries log??
Thanks,
Matt
-
yes, it will show the authentication id's in the logs. You can track with that. 0 -
While I love this check, it spams the Logwatch with unmatched entries and will definitely cause many system administrators to begin ignoring Logwatch entirely (which is a Bad Thing"). There have been patches out there which solve similar issues, so it shouldn't be impossible to make these Unmatched Entries go away. Any advice on how to do so would be appreciated, since it's cPanel's service that is generating the log spam. 0 -
Hello :) There are no native features that will ignore access attempts from Chkservd at this time, but it's a good idea for a feature request: Submit A Feature Request Feel free to post the URL to the feature request once it's approved so others can vote and add their feedback to it. Thank you. 0 -
Hello :) There are no native features that will ignore access attempts from Chkservd at this time, but it's a good idea for a feature request: Submit A Feature Request Feel free to post the URL to the feature request once it's approved so others can vote and add their feedback to it. Thank you.
I edited:/etc/logwatch/conf/ignore.conf
To include the following:dovecot: imap\(__cpanel__service__auth__imap__
ChkServd spam gone, for now. Solution found here, among others.0 -
I am happy to see you were able to find a suitable workaround. Thank you for updating us with the outcome. 1
Please sign in to leave a comment.
Comments
6 comments