Menu
What's new
By:
Filters Better Search

Scribe Remove trendmicro debug infro from log - Deleting skynet logs also

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

J

Jeff Rinvelt

New Around Here
Long time listener first-time caller.

I'm trying to get rid of some trendmicro cruft in my log. I thought I had a good file to throw it in the null bin, but I was also trashing the skynet detail messages also. I was just getting the summary logs (i.e. "router Skynet: [#] 37943 IPs (+0) -- 1322 Ranges Banned (+0) || 48213 Inbound -- 70 Outbound Connections Blocked! [save] [1s]")

Any idea what I did wrong?

Message to remove

Jan 31 08:47:25 router kernel: [tdts_shell_ioctl_stat:256] Recv ioctl req with op 2

File I thought would work

# don't log kernel trendmicro messages

filter f_trendmicro {
program("kernel") and
message("[tdts_shell_ioctl_stat:256]");
};

log {
source(src);
filter(f_trendmicro);
flags(final);
};

#eof
 
Speaking of Trend Micro, what's your Trend Micro: Signature version? It can be found in Administration - Firmware Upgrade (of Merlin GUI).

Mine is: 2.212 Updated : 2020/06/29 16:45

Seems rather old? Or what do you think? I can check it all right with the button, but it says it is up to date.
 
francovilar said:
mine is the same, different date:
2.212 Updated : 2021/01/28 20:28
Click to expand...
Thanks!

I remember that you cannot trust the actual date because it wont't always update/refresh itself. This has been going on for ages with my router and with several firmware versions (Merlin). Only the version seems to matter. Not the date.
 
The skynet detail messsages trash themselves every hour, and roll up into that summary line.
 
elorimer said:
The skynet detail messsages trash themselves every hour, and roll up into that summary line.
Click to expand...
Yep got that. The log skynet log with the syslog-ng file above was blank except for the summary line. Remove the config file and everything starts flowing, but the trendmicro garbage appears.
 
It looked to me like your filter would work, so I am puzzled. I think your filter would work as well just with the message part, without the program. Can't see it would make a difference though.

You might log what your filter is discarding, as a test, to see if what gets logged has anything to do with skynet. If it is just filling with the trendmicro stuff, skynet isn't being affected.

You might also go into skynet and be sure it is pointing to the skynet log file and hasn't reset back to syslog.
 
You must log in or register to reply here.

Similar threads

A
Scribe Scribe / syslog-ng re-load question
Replies
5
Views
2K
archiel
A
S
Issue with GuestWifi on 386.1
Replies
5
Views
851
SammyG
S
Similar threads
Thread starter Title Forum Replies Date
D Solved How do I remove WG Manager from amtm without resetting amtm? Asuswrt-Merlin AddOns 2
Jack-Sparr0w Paste Debug, Does this look alright? Asuswrt-Merlin AddOns 0

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 880 (members: 40, guests: 840)
Top