[sysmon-help] Huge Log Files

Jared Mauch jared at sysmon.org
Tue Dec 16 11:24:26 EST 2003 

	I will look into this as well.

	- Jared

On Fri, Dec 12, 2003 at 11:37:48PM -0600, Jim Vaughan wrote:
> Same thing here . . .
> 
> I count ~29 log entries *per second*
> 
> Logs are huge:
> 
> -rw-r--r--    1 root     root    229,544,846 Dec 12 23:04
> /var/log/sysmon-pub.log
> -rw-r--r--    1 root     root     20,225,634 Dec  7 01:02
> /var/log/sysmon-pub.log.1.gz <- compressed
> 
> Running sysmond version 0.91.20+
> 
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.405071
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.406452
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.407883
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.409275
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.410671
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.412071
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.413471
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.414875
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.416283
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.417744
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.419163
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.420582
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.422005
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.423428
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.424854
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.426289
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.427769
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.429211
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.430653
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.432102
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.433548
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.435005
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.436462
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.438004
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.439472
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.440941
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.442619
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.444149
> Dec 12 2003-19:24:11 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.445480
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.446873
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.448212
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.449554
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.450897
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.452240
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.453587
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.454941
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.456295
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.457699
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.459057
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.460419
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.461784
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.463158
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.464527
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.465900
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.523590
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.524982
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.526363
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.527794
> Dec 12 2003-19:24:12 : Possibly stale check of 198.206.150.131:smtp:0
> lasting  59.529179
> 
> 
> ---
> Jim Vaughan - Mead, NE, USA
> jim at jimvaughan.com
> http://www.jimvaughan.com
> ftp://ftp.jimvaughan.com
> 
> 
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.551 / Virus Database: 343 - Release Date: 12/11/2003
> 
> _______________________________________________
> Sysmon-help mailing list
> Sysmon-help at puck.nether.net
> https://puck.nether.net/mailman/listinfo/sysmon-help

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

More information about the Sysmon-help mailing list