The Log Scanner Report emails contain lines of data from the log that appear to be continuations of previous multi-lined log entries.
It appears that the format of the log entries looks like:
-------------------------------
begin with the date/time in brackets
a space
the type of log entry ( info, warning, error)
a space
a source ( program or procedure ) of the log entry in brackets
a space
The log text... USUALLY single line. but sometimes mutli-lined and terminates with the end of the line before a new line that begins with the date/time in brackets
------------------------------------
a log entry in /usr/local/cpanel/logs/error_log that looks like:
------------------------------------------------------------------------------------------------------------------------
[2016-07-16 12:16:40 -0700] info [autorepair] Successfully verified signature for cpanel (key types: release).
==> cpsrvd 11.56.0.25 started
==> cpsrvd: loading security policy....Done
==> cpsrvd: Setting up native SSL support ... Done
==> cpsrvd: transferred port bindings
==> cpsrvd: bound to ports
==> cpsrvd 11.56.0.25 started
==> cpsrvd: loading security policy....Done
==> cpsrvd: Setting up native SSL support ... Done
==> cpsrvd: transferred port bindings
==> cpsrvd: bound to ports
[date/time of next log entry -0700].........
---------------------------------------------------------------------------------------------------------------------------
produces a Log Scanner Report email that includes:
---------------------------------------------------------------------------------------------------------------------------
/usr/local/cpanel/logs/error_log:
==> cpsrvd 11.56.0.25 started
==> cpsrvd: loading security policy....Done
==> cpsrvd: Setting up native SSL support ... Done
==> cpsrvd: transferred port bindings
==> cpsrvd: bound to ports
==> cpsrvd 11.56.0.25 started
==> cpsrvd: loading security policy....Done
==> cpsrvd: Setting up native SSL support ... Done
==> cpsrvd: transferred port bindings
==> cpsrvd: bound to ports
---------------------------------------------------------------------------------------------------------------------------
The reported data appears to be an extended log from the previous "info" line
another example:
---------------------------------------------------------------------------------------------------------------------------
[2016-07-16 17:26:16 -0700] info [rebuild_sprites] File "/usr/local/cpanel/base/frontend/x3/branding/crimson_smoke/bottom_bg.gif" has 783 x 23 dimensions with 18009 pixels.
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3/branding/crimson_smoke/heading_sprites_bg_snap_to_smallest_width.png".
[2016-07-16 17:26:17 -0700] info [rebuild_sprites] File "/usr/local/cpanel/base/frontend/x3/branding/the_beach/bottom_bg.gif" has 783 x 23 dimensions with 18009 pixels.
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3/branding/the_beach/heading_sprites_bg_snap_to_smallest_width.png".
[2016-07-16 17:26:21 -0700] info [rebuild_sprites] File "/usr/local/cpanel/base/frontend/x3/branding/motor_city/bg.gif" has 400 x 400 dimensions with 160000 pixels.
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3/branding/motor_city/ui_sprites_bg_snap_to_smallest_width.png".
[2016-07-16 17:26:26 -0700] info [rebuild_sprites] File "/usr/local/cpanel/base/frontend/x3mail/branding/crimson_smoke/bottom_bg.gif" has 783 x 23 dimensions with 18009 pixels.
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3mail/branding/crimson_smoke/heading_sprites_bg_snap_to_smallest_width.png".
[2016-07-16 17:26:30 -0700] info [rebuild_sprites] File "/usr/local/cpanel/base/frontend/x3mail/branding/the_beach/bottom_bg.gif" has 783 x 23 dimensions with 18009 pixels.
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3mail/branding/the_beach/heading_sprites_bg_snap_to_smallest_width.png".
[2016-07-16 17:26:30 -0700] info [rebuild_sprites] File "/usr/local/cpanel/base/frontend/x3mail/branding/motor_city/bg.gif" has 400 x 400 dimensions with 160000 pixels.
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3mail/branding/motor_city/ui_sprites_bg_snap_to_smallest_width.png".
[date/time of next log entry -0700].........
---------------------------------------------------------------------------------------------------------------------------
produces a Log Scanner Report email that includes:
---------------------------------------------------------------------------------------------------------------------------
/usr/local/cpanel/logs/error_log:
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3mail/branding/crimson_smoke/heading_sprites_bg_snap_to_smallest_width.png".
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3mail/branding/the_beach/heading_sprites_bg_snap_to_smallest_width.png".
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3mail/branding/motor_city/ui_sprites_bg_snap_to_smallest_width.png".
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3/branding/crimson_smoke/heading_sprites_bg_snap_to_smallest_width.png".
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3/branding/the_beach/heading_sprites_bg_snap_to_smallest_width.png".
This is exceeding 8192 pixels and color palette issue may be expected when its associated sprite file is used:
"/usr/local/cpanel/base/frontend/x3/branding/motor_city/ui_sprites_bg_snap_to_smallest_width.png".
---------------------------------------------------------------------------------------------------------------------------
The reported data appears to be an extended log from the previous "info" line
Log Scanner Report - Non Errors reported
-
- Moderator
- Posts: 1524
- Joined: 01 Oct 2008, 09:24
Re: Log Scanner Report - Non Errors reported
We were unable to replicate this issue. Please post your /etc/csf/csf.logignore as it may contain a regex that is excluding the timestamp lines.
Re: Log Scanner Report - Non Errors reported
Here is my /etc/csf/csf.logignore file. Didn;t know it existed. I may try to get rid of a few of the messages that I IGNORE anyway! Is there a quick way to test against existing logs ( over and over and over till I get it right?)
###############################################################################
# Copyright 2006-2015, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following is a list of regular expressions for the LOGSCANNER feature.
# If a log line matches it will be ignored, otherwise it will be reported
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ kernel:\s(\[[^\]]+\]\s)?Firewall:
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ suhosin\[\d+\]: ALERT - script tried to increase memory_limit
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view internal
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view external
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view localhost_resolver
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: connection refused resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: lame server resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: network unreachable resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: unexpected RCODE
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: zone .* loaded serial
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: zone .* sending notifies
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: FORMERR resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(unexpected RCODE REFUSED\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(unexpected RCODE SERVFAIL\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(host unreachable\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(network unreachable\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(connection refused \) resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(FORMERR\) resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ pure-ftpd: \([\w\?\@\+\%\.]+\@\d+\.\d+\.\d+\.\d+\) \[(INFO|NOTICE)\]
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ Cp-Wrap\[\d+\]:
^\[\S+\s\S+\s\S+\] info
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ gconfd
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Started Session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Starting Session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Failed to mark scope
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd-logind: New session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd-logind: Removed session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Created slice
###############################################################################
# Copyright 2006-2015, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following is a list of regular expressions for the LOGSCANNER feature.
# If a log line matches it will be ignored, otherwise it will be reported
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ kernel:\s(\[[^\]]+\]\s)?Firewall:
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ suhosin\[\d+\]: ALERT - script tried to increase memory_limit
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view internal
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view external
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view localhost_resolver
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: connection refused resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: lame server resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: network unreachable resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: unexpected RCODE
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: zone .* loaded serial
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: zone .* sending notifies
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: FORMERR resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(unexpected RCODE REFUSED\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(unexpected RCODE SERVFAIL\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(host unreachable\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(network unreachable\)
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(connection refused \) resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(FORMERR\) resolving
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ pure-ftpd: \([\w\?\@\+\%\.]+\@\d+\.\d+\.\d+\.\d+\) \[(INFO|NOTICE)\]
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ Cp-Wrap\[\d+\]:
^\[\S+\s\S+\s\S+\] info
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ gconfd
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Started Session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Starting Session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Failed to mark scope
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd-logind: New session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd-logind: Removed session
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Created slice
Re: Log Scanner Report - Non Errors reported
See suggestion here to get rid of the annoying cpsrvd reports.