Page MenuHomePhabricator
Create Task
Maniphest T206431

Qualys scans causing problematic pfw logspam
Closed, ResolvedPublic
Actions

Description

If I am reading the log right it looks like a bunch of DENY from an IP within the Qualys subnet we allow but on a bunch of ports we don't. It is currently causing disk full errors on bellatrix:

19G /var/log/remote/pfw-misc

For the time being I moved the file to /srv where there is space. We will need to get more info about these scans and adjust fw accordingly.

Event Timeline

cwdent created this task.Oct 8 2018, 12:50 AM
Restricted Application added a project: SRE. · View Herald TranscriptOct 8 2018, 12:50 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Jgreen closed this task as Resolved.Oct 10 2018, 1:37 PM
Jgreen claimed this task.
Jgreen subscribed.

The underlying problem was that bellatrix was logging to the root partition rather than the /srv data partition as it should. This is fixed.

Dwisehaupt moved this task from Triage to Done on the fundraising-tech-ops board.Feb 13 2020, 9:31 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL