CentOS 6 rsyslog 连续的条目流填满 /var/log/messages

tag-icon tag-icon centos rsyslog
CentOS 6 rsyslog 连续的条目流填满 /var/log/messages

在我的一个机器上运行 yum update 后,我收到 /var/log/messages 中连续不断的条目流,并填满了磁盘。我无法弄清楚这些事件来自哪里

Linux host1 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

日志片段

Apr 27 21:05:45 127.0.0.1 2020-04-27 21:05:45,537 [Thread-0] WARN  EventLog.confd- UserSessNotification[STOP, user=[name=admin, usid=981303, addr=127.0.0.1, prot=1], db=DB_NONE]
Apr 27 21:05:45 127.0.0.1 2020-04-27 21:05:45,537 [Thread-0] WARN  EventLog.confd- AuditNotification[logno=107, user=admin, usid=981303, msg="Logged out from maapi ctx=mappi (end_user_session)"]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,587 [Thread-0] WARN  EventLog.confd- AuditNotification[logno=105, user=admin, usid=981305, msg="assigned to groups: admin"]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,587 [Thread-0] WARN  EventLog.confd- UserSessNotification[START, user=[name=admin, usid=981305, addr=127.0.0.1, prot=1], db=DB_NONE]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,587 [Thread-0] WARN  EventLog.confd- AuditNotification[logno=105, user=admin, usid=981305, msg="assigned to groups: admin"]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,587 [Thread-0] WARN  EventLog.confd- UserSessNotification[START, user=[name=admin, usid=981305, addr=127.0.0.1, prot=1], db=DB_NONE]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,589 [Thread-0] WARN  EventLog.confd- UserSessNotification[STOP, user=[name=admin, usid=981305, addr=127.0.0.1, prot=1], db=DB_NONE]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,590 [Thread-0] WARN  EventLog.confd- AuditNotification[logno=107, user=admin, usid=981305, msg="Logged out from maapi ctx=mappi (end_user_session)"]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,589 [Thread-0] WARN  EventLog.confd- UserSessNotification[STOP, user=[name=admin, usid=981305, addr=127.0.0.1, prot=1], db=DB_NONE]
Apr 27 21:06:18 127.0.0.1 2020-04-27 21:06:18,590 [Thread-0] WARN  EventLog.confd- AuditNotification[logno=107, user=admin, usid=981305, msg="Logged out from maapi ctx=mappi (end_user_session)"]
Apr 27 21:06:51 127.0.0.1 2020-04-27 21:06:51,636 [Thread-0] WARN  EventLog.confd- AuditNotification[logno=105, user=admin, usid=981306, msg="assigned to groups: admin"]
Apr 27 21:06:51 127.0.0.1 2020-04-27 21:06:51,636 [Thread-0] WARN  EventLog.confd- UserSessNotification[START, user=[name=admin, usid=981306, addr=127.0.0.1, prot=1], db=DB_NONE]

有人能识别这些条目吗?我该如何抑制它们?

我已经检查了我的 rsyslog.conf,系统确实没有记录内核消息。

相关内容