In /var/log/secure, I see many messages such as:
They are Virtualmin’s PostgreSQL status checks. If you aren’t using postgres, you could simply disable postgres support in Virtualmin, which would disable the check.
You could configure pam to not log postgres logins, but that’d lose potentially useful information. There’s no way for Virtualmin to suppress it, as Virtualmin actually has to login to postgres to know if it’s working, and it’s not Virtualmin doing the logging.
I generally don’t spend a lot of time with /var/log/secure directly. I pay more attention to the logwatch report each day, which summarizes things for me.
Is Logwatch (or similar) built into Virtualmin - or more likely Webmin - somewhere?
If it is, I haven’t yet managed to find it.
Logwatch is a Linux tool for parsing various system logs, and notifying you about anomalies.
It’s generally enabled by default in RHEL and CentOS systems, and will send a nightly report to the root user.
It’s readily available for Debian and Ubuntu just by installing the “logwatch” package.