#67 closed defect (fixed)
Probable missfunction in growinglogfiles functionality
| Reported by: | Owned by: | rainer | |
|---|---|---|---|
| Priority: | major | Milestone: | 2.3.5 |
| Component: | main | Version: | |
| Keywords: | Cc: |
Description
I'm not totally sure of the cause, but I regularly receive reports on changes in my log files (marked as GrowingLogFiles in samhainrc). My guess is that, somehow, samhain fails to reset after a log-rotate.
As the logs are rotated, I receive a message saying
CRIT : [2007-06-10T04:41:26+0200] msg=<POLICY [GrowingLogs] C--I-----S>, path=</var/log/maillog>, inode_old=<41>, inode_new=<47>, size_old=<535645>, size_new=<0>, chksum_old=<96E0D82E7B03E90978465F0261BC4E234A94AC3AA270302B>, chksum_new=<24F0130C63AC933216166E76B1BB925FF373DE2D49584E7A>
(there are several other files as well). This is no surprise. However, since the logs were rotated (this was the first time since updating the database and restarting samhain) I've received a message similar to this one
CRIT : [2007-06-10T06:45:08+0200] msg=<POLICY [GrowingLogs] C--------->, path=</var/log/maillog>, chksum_old=<24F0130C63AC933216166E76B1BB925FF373DE2D49584E7A>, chksum_new=<2F0BF3E6A09F726E01F8015F19BDC25D589153A8BCAD2650>
every two hours (the checking interval) for all files that have grown. The only way to make it stop is to update the database and restart samhain.
I've said it before and I'll say it again: I really appreciate your work on this great piece of software. Thanks!!!
\Soren
Change History (1)
comment:1 by , 17 years ago
| Milestone: | → 2.3.5 |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Files with zero size (no entry since rotated) are not handled correctly. Fixed in changeset [107].