Hi,
I have my log rotate and garbage collection set to 1 week but my logs are getting very large and go back farther than a week. Is there a way to empty the log and is there a way to tell if the frequent log entries ( about 1 a second ) are an attack? The user in each entry is me ( administrator ).
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- DhrupDeScoop@Dhrup2000
DhrupDeScoop - 0 likes
- OregonMike@MontanaMike
OregonMike - 0 likes
- iionly@iionly
iionly - 0 likes
- OregonMike@MontanaMike
OregonMike - 0 likes
- DhrupDeScoop@Dhrup2000
DhrupDeScoop - 0 likes
- OregonMike@MontanaMike
OregonMike - 0 likes
You must log in to post replies.' a way to empty the log ' ?
exactly !
goto phpmyadmin
and empty the log table ;P
( u r attacking yr own site? lolz )
Dhrup, how am I attacking my own site? Any suggestions on how to proceed?
Mike
If your log contains entries older than a week though the garbage collector interval is set to 1 week then I would guess your weekly cronjob is not running, i.e. the garbagecollector and logrotate processes are not triggered. What happens if you call these jobs manually, i.e. entering http://yoursite.url/weekly in your browser? Do the older entries remain in the log?
What are the 1 second log entries? What information does the log contain about them? Maybe they are caused by a plugin installed on your site that triggers some high-frequent request?
Thanks for the ideas Dhrup. I appreciate the help.
well ;-) u said ' The user in each entry is me ( administrator ). ' !?
and, but.. did that phpmyadmin 'empty' empty the log quickly enuff ?!
that's your triage @now, the practicals - can be figured & fixed @later..
(1 per sec *is highhh! wot r u doinggg ? )
do you also have many log_123456789 named log tables ?
delete all those ;-)
I took the site offline, brought it back online and emptied the log table. The problem seems to have gone away. Very strange indeed.