Results 1 to 9 of 9

Thread: Hide syslogd messages in Konsole

  1. #1

    Default Hide syslogd messages in Konsole

    Good day.

    I get 100s of syslogd messages in active Konsoles on desktop, they wreck the screen and if I am using a text editor in Konsole it breaks the files, I can't normally close the files. Messages appear from amavisd-new.

    Code:
    Message from syslogd@localhost at Oct 23 09:01:47 ...
     clamav[11611]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04899-tfRApExY/parts/p001
    
    Broadcast message from systemd-journald@linux-fx1e (Wed 2019-10-23 09:02:02 PDT):
    
    clamav[11697]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04898-nXTvB5OS/parts/p002
    
    
    Message from syslogd@localhost at Oct 23 09:02:02 ...
     clamav[11697]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04898-nXTvB5OS/parts/p002
    
    Message from syslogd@localhost at Oct 23 09:02:02 ...
     clamav[11707]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04898-nXTvB5OS/parts/p001
    
    Broadcast message from systemd-journald@linux-fx1e (Wed 2019-10-23 09:02:02 PDT):
    
    clamav[11707]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04898-nXTvB5OS/parts/p001
    
    
    Broadcast message from systemd-journald@linux-fx1e (Wed 2019-10-23 09:02:17 PDT):
    
    clamav[11794]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04899-tfRApExY/parts/p002
    
    
    Message from syslogd@localhost at Oct 23 09:02:17 ...
     clamav[11804]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04899-tfRApExY/parts/p001
    
    Broadcast message from systemd-journald@linux-fx1e (Wed 2019-10-23 09:02:17 PDT):
    
    clamav[11804]: Signature detected: Heuristics.Structured.SSN in /var/spool/amavis/tmp/amavis-20191023T084458-04899-tfRApExY/parts/p001
    I didn't get these messages in XFCE terminal but I uninstalled XFCE due to poor memory management and switched to KDE.

    Please let me know how to stop this.

    Thanks!

  2. #2
    Join Date
    Sep 2013
    Location
    Norfolk, UK
    Posts
    1,437

    Default Re: Hide syslogd messages in Konsole

    Regards, Paul

    2x Tumbleweed (Snapshot: 20200516) KDE Plasma 5
    2x Leap 15.1 KDE Plasma 5

  3. #3
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,623
    Blog Entries
    3

    Default Re: Hide syslogd messages in Konsole

    I don't see those messages on konsoles. You must have something in your syslog configuration that is broadcasing logs.

    As for xfce-terminal : it does not write a "utmp" entry, so that terminal is not seen for broadcast messages. I don't know of a way to turn of the ut entry for konsole.

    Since "xterm" is normally installed, you can try opening a terminal with
    Code:
    xterm -ut
    The "-ut" tells "xterm" to not write a utmp entry. But it would be better to check your syslog configuration.

    Here, I am using "rsyslog" with the default configuration.
    openSUSE Leap 15.2 RC; KDE Plasma 5.18.5;

  4. #4

    Default Re: Hide syslogd messages in Konsole

    Quote Originally Posted by tannington View Post
    Thanks for the link, followed the instructions from it. In addition, created emerg.conf in /etc/rsyslog.d

    Code:
    if $fromhost-ip != '127.0.0.1' and $syslogseverity-text == 'emerg' then {
    *.emerg /var/log/PANIC
    stop
    }

  5. #5

    Default Re: Hide syslogd messages in Konsole

    Quote Originally Posted by nrickert View Post
    I don't see those messages on konsoles. You must have something in your syslog configuration that is broadcasing logs.

    As for xfce-terminal : it does not write a "utmp" entry, so that terminal is not seen for broadcast messages. I don't know of a way to turn of the ut entry for konsole.

    Since "xterm" is normally installed, you can try opening a terminal with
    Code:
    xterm -ut
    The "-ut" tells "xterm" to not write a utmp entry. But it would be better to check your syslog configuration.

    Here, I am using "rsyslog" with the default configuration.
    These messages showup on console & Konsole because of rsyslog option -
    Code:
    *.emerg                                  :omusrmsg:*
    If you can could you please show your rsyslog?

  6. #6

    Default Re: Hide syslogd messages in Konsole

    Quote Originally Posted by chigurh View Post
    Thanks for the link, followed the instructions from it. In addition, created emerg.conf in /etc/rsyslog.d

    Code:
    if $fromhost-ip != '127.0.0.1' and $syslogseverity-text == 'emerg' then {
    *.emerg /var/log/PANIC
    stop
    }
    I spoke too soon, these messages still show up.

  7. #7
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,623
    Blog Entries
    3

    Default Re: Hide syslogd messages in Konsole

    Quote Originally Posted by chigurh View Post
    These messages showup on console & Konsole because of rsyslog option -
    Code:
    *.emerg                                  :omusrmsg:*
    If you can could you please show your rsyslog?
    I have that same line.

    I guess the real question is why "clamav" is issuing messages at the emerg level. I'm not running "clamav" here, so maybe my earlier post was misleading. I rarely see a konsole log message. I see such messages only from "apcupsd" (UPS daemon). And only for power interruption/restore events.
    openSUSE Leap 15.2 RC; KDE Plasma 5.18.5;

  8. #8

    Default Re: Hide syslogd messages in Konsole

    Quote Originally Posted by nrickert View Post
    I have that same line.

    I guess the real question is why "clamav" is issuing messages at the emerg level. I'm not running "clamav" here, so maybe my earlier post was misleading. I rarely see a konsole log message. I see such messages only from "apcupsd" (UPS daemon). And only for power interruption/restore events.
    No worries, I think I fixed it this time with emerg.conf in /etc/rsyslog.d

    Code:
    root@linux-fx1e:/home/flux # tail -f /var/log/PANIC 
    2019-10-24T07:43:25.382042-07:00 localhost clamav[24668]: Signature detected: Heuristics.Structured.SSN in fd[12]
    2019-10-24T07:43:42.129280-07:00 localhost clamav[24880]: Signature detected: {HEX}php.cmdshell.r57.335.UNOFFICIAL in fd[12]
    2019-10-24T07:43:42.563463-07:00 localhost clamav[24890]: Signature detected: Heuristics.Structured.CreditCardNumber in fd[12]
    2019-10-24T07:43:44.045642-07:00 localhost clamav[24900]: Signature detected: {HEX}Malware.Expert.generic.eval.gzinflate.base64.9.UNOFFICIAL in fd[12]
    2019-10-24T07:43:45.018844-07:00 localhost clamav[24911]: Signature detected: {HEX}php.exe.globals.414.UNOFFICIAL in fd[12]
    2019-10-24T07:43:45.273617-07:00 localhost clamav[24926]: Signature detected: Heuristics.Structured.SSN in fd[12]
    2019-10-24T07:43:45.400859-07:00 localhost clamav[24936]: Signature detected: Heuristics.Structured.SSN in fd[12]
    2019-10-24T07:43:46.023599-07:00 localhost clamav[24946]: Signature detected: Heuristics.Structured.SSN in fd[12]
    2019-10-24T07:43:46.319576-07:00 localhost clamav[24956]: Signature detected: SecuriteInfo.com.JS.Obfus.Gen-1.UNOFFICIAL in fd[12]
    2019-10-24T07:43:46.520212-07:00 localhost clamav[24966]: Signature detected: Heuristics.Structured.CreditCardNumber in fd[12]
    2019-10-24T07:43:46.669764-07:00 localhost clamav[24976]: Signature detected: Heuristics.Structured.SSN in fd[12]
    2019-10-24T07:43:47.565764-07:00 localhost clamav[24986]: Signature detected: SecuriteInfo.com.Spam-5338.UNOFFICIAL in fd[12]
    2019-10-24T07:43:47.676093-07:00 localhost clamav[24996]: Signature detected: Heuristics.Structured.SSN in fd[12]
    2019-10-24T07:43:47.769301-07:00 localhost clamav[25008]: Signature detected: Heuristics.Structured.CreditCardNumber in fd[11]
    Here is the snippet for /etc/rsyslogd/emerg.conf just in case someone faces similar issue.

    Code:
    if $syslogseverity-text == 'emerg' then {
    *.emerg /var/log/PANIC
    stop
    }

  9. #9
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,623
    Blog Entries
    3

    Default Re: Hide syslogd messages in Konsole

    Quote Originally Posted by chigurh View Post
    No worries, I think I fixed it this time with emerg.conf in /etc/rsyslog.d
    Good to hear.
    openSUSE Leap 15.2 RC; KDE Plasma 5.18.5;

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •