-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: logcheck-database Version: 1.2.41 Severity: wishlist Tags: patch Hi, here is one line for the imp4 package and one (I don't have more) line from the log file. Same as with the horde3 file: I've tested it and CC this mail to the maintainer. by, Martin - -- Powered by Debian GNU / Linux -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDCnErOvJj+wS6JuIRArldAJwPJOGjFzWuTYe3wwImVfMou9ISewCfTC32 DPPabgJcyeOazKZShwySbZM=xPmH -----END PGP SIGNATURE----- -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: imp4 Url: http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20050823/324e467f/attachment.txt -------------- next part -------------- A non-text attachment was scrubbed... Name: imp4.log Type: text/x-log Size: 212 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20050823/324e467f/attachment.bin
maximilian attems
2005-Sep-01 18:05 UTC
Bug#324615: [Logcheck-devel] Bug#324615: new rules for imp4
tags 324615 moreinfo stop On Tue, 23 Aug 2005, Martin Lohmeier wrote:> Hi, > > here is one line for the imp4 package and one (I don't have more) line > from the log file. Same as with the horde3 file: I've tested it and CC > this mail to the maintainer. > > by, Martinthanks for your contribution, looks very nice indeed. but i need for info on what that process can be named.> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ .+\[[0-9]+\]: \[imp\] Login success for [@._[:alnum:]-]+ \[[.0-9]{7,15}\] to \{[._[:alnum:]-]+:[0-9]+\} \[on line [0-9]+ of ".+"\]$ > Aug 22 01:44:53 djinn01 mein-horde.de/horde[13302]: [imp] Login success for martin at mein-horde.de [212.202.173.165] to {127.0.0.1:143} [on line 93 of "/var/svr/mein-horde.de-ssl/htdocs/horde/imp/lib/Auth/imp.php"]as soon as this explained i'll integrate your rules into latest logcheck-database. -- maks
Debian Bug Tracking System
2005-Sep-01 18:18 UTC
Processed: Re: [Logcheck-devel] Bug#324615: new rules for imp4
Processing commands for control at bugs.debian.org:> tags 324615 moreinfoBug#324615: new rules for imp4 Tags were: patch Tags added: moreinfo> stopStopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
maximilian attems
2005-Sep-03 13:17 UTC
Bug#324615: [Logcheck-devel] Bug#324615: new rules for imp4
tags 324615 pending thanks On Tue, 23 Aug 2005, Martin Lohmeier wrote:> Hi, > > here is one line for the imp4 package and one (I don't have more) line > from the log file. Same as with the horde3 file: I've tested it and CC > this mail to the maintainer. > > by, Martinthanks a lot for your contribution, added to current logcheck cvs. -- maks
Debian Bug Tracking System
2005-Sep-03 13:18 UTC
Processed: Re: [Logcheck-devel] Bug#324615: new rules for imp4
Processing commands for control at bugs.debian.org:> tags 324615 pendingBug#324615: new rules for imp4 Tags were: moreinfo patch Tags added: pending> thanksStopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Debian Bug Tracking System
2005-Oct-23 04:48 UTC
[Logcheck-devel] Bug#324615: marked as done (new rules for imp4)
Your message dated Sat, 22 Oct 2005 21:32:06 -0700 with message-id <E1ETXWg-0003mk-00 at spohr.debian.org> and subject line Bug#324615: fixed in logcheck 1.2.42 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -------------------------------------- Received: (at submit) by bugs.debian.org; 23 Aug 2005 00:43:27 +0000>From martin at mein-horde.de Mon Aug 22 17:43:25 2005Return-path: <martin at mein-horde.de> Received: from mein-horde.de [80.190.250.190] by spohr.debian.org with esmtp (Exim 3.36 1 (Debian)) id 1E7Msv-0004LO-00; Mon, 22 Aug 2005 17:43:25 -0700 Received: from localhost (localhost [127.0.0.1]) by mein-horde.de (Postfix) with ESMTP id 5EA992ED7E2; Tue, 23 Aug 2005 02:43:24 +0200 (CEST) Received: from mein-horde.de ([127.0.0.1]) by localhost (ipx10645 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 19953-07; Tue, 23 Aug 2005 02:43:23 +0200 (CEST) Received: from [192.168.150.10] (port-212-202-173-165.dynamic.qsc.de [212.202.173.165]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mein-horde.de (Postfix) with ESMTP id 8392F2ED7E1; Tue, 23 Aug 2005 02:43:23 +0200 (CEST) Message-ID: <430A712B.2090207 at mein-horde.de> Date: Tue, 23 Aug 2005 02:43:23 +0200 From: Martin Lohmeier <martin at mein-horde.de> User-Agent: Debian Thunderbird 1.0.2 (X11/20050331) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Debian Bugs <submit at bugs.debian.org> Cc: Ola <opal at debian.org>, Jose <jose at psabs.com.br> Subject: new rules for imp4 X-Enigmail-Version: 0.91.0.0 Content-Type: multipart/mixed; boundary="------------050009040604080301040407" X-Virus-Scanned: by amavisd-new at mein-horde.de Delivered-To: submit at bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Level: X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 This is a multi-part message in MIME format. --------------050009040604080301040407 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: logcheck-database Version: 1.2.41 Severity: wishlist Tags: patch Hi, here is one line for the imp4 package and one (I don't have more) line from the log file. Same as with the horde3 file: I've tested it and CC this mail to the maintainer. by, Martin - -- Powered by Debian GNU / Linux -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDCnErOvJj+wS6JuIRArldAJwPJOGjFzWuTYe3wwImVfMou9ISewCfTC32 DPPabgJcyeOazKZShwySbZM=xPmH -----END PGP SIGNATURE----- --------------050009040604080301040407 Content-Type: text/plain; name="imp4" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="imp4" ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ .+\[[0-9]+\]: \[imp\] Login success for [@._[:alnum:]-]+ \[[.0-9]{7,15}\] to \{[._[:alnum:]-]+:[0-9]+\} \[on line [0-9]+ of ".+"\]$ --------------050009040604080301040407 Content-Type: text/x-log; name="imp4.log" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="imp4.log" Aug 22 01:44:53 djinn01 mein-horde.de/horde[13302]: [imp] Login success for martin at mein-horde.de [212.202.173.165] to {127.0.0.1:143} [on line 93 of "/var/svr/mein-horde.de-ssl/htdocs/horde/imp/lib/Auth/imp.php"] --------------050009040604080301040407-- --------------------------------------- Received: (at 324615-close) by bugs.debian.org; 23 Oct 2005 04:38:26 +0000>From katie at spohr.debian.org Sat Oct 22 21:38:26 2005Return-path: <katie at spohr.debian.org> Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian)) id 1ETXWg-0003mk-00; Sat, 22 Oct 2005 21:32:06 -0700 From: Todd Troxell <ttroxell at debian.org> To: 324615-close at bugs.debian.org X-Katie: $Revision: 1.56 $ Subject: Bug#324615: fixed in logcheck 1.2.42 Message-Id: <E1ETXWg-0003mk-00 at spohr.debian.org> Sender: Archive Administrator <katie at spohr.debian.org> Date: Sat, 22 Oct 2005 21:32:06 -0700 Delivered-To: 324615-close at bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Level: X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-CrossAssassin-Score: 15 Source: logcheck Source-Version: 1.2.42 We believe that the bug you reported is fixed in the latest version of logcheck, which is due to be installed in the Debian FTP archive: logcheck-database_1.2.42_all.deb to pool/main/l/logcheck/logcheck-database_1.2.42_all.deb logcheck_1.2.42.dsc to pool/main/l/logcheck/logcheck_1.2.42.dsc logcheck_1.2.42.tar.gz to pool/main/l/logcheck/logcheck_1.2.42.tar.gz logcheck_1.2.42_all.deb to pool/main/l/logcheck/logcheck_1.2.42_all.deb logtail_1.2.42_all.deb to pool/main/l/logcheck/logtail_1.2.42_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 324615 at bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Todd Troxell <ttroxell at debian.org> (supplier of updated logcheck package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster at debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 22 Oct 2005 23:14:54 -0400 Source: logcheck Binary: logcheck logtail logcheck-database Architecture: source all Version: 1.2.42 Distribution: unstable Urgency: low Maintainer: Debian logcheck Team <logcheck-devel at lists.alioth.debian.org> Changed-By: Todd Troxell <ttroxell at debian.org> Description: logcheck - mails anomalies in the system logfiles to the administrator logcheck-database - database of system log rules for the use of log checkers logtail - Print log file lines that have not been read Closes: 312393 324347 324451 324613 324615 324751 325800 325801 325874 327088 327100 327114 328251 328632 330208 331282 332707 332807 333233 333456 333461 334342 334415 335021 Changes: logcheck (1.2.42) unstable; urgency=low . [ maximilian attems ] * Add dccproc timeout rule. * Only source the conffile if we can read it. Should enable logcheck runs directly out of the logcheck source. * Default to send mail to local root otherwise messages go to Nirvana. * Check if conffile with list of logfiles is readable. * Fallback to read syslog if no logfile is provided. * Enhance bind rules ignore NSTATS loglines, remove dup. (Closes: #324751) * Add rule for recent nfs mountd messages. Thanks to toby cabot <toby at caboteria.org>. (Closes: #325800) * Move imap file to server level, not appropriate for paranoid. * Add imap ignore rule for moved bytes, seems pretty normal imap usage. Thanks to toby cabot <toby at caboteria.org>. (Closes: #325801) * Add rule for Postponed keyboard-interactive ssh logins. * Update some usb rules for usb-storage and phone devices. (Closes: #324347) * Update horde3 rules the identifier can be changed by the user to any char. Thanks to Martin Lohmeier <martin at mein-horde.de> (Closes: #324613) * Add imp4 rule for successful logins. Thanks to Martin Lohmeier <martin at mein-horde.de> (Closes: #324615) * Bumped standards to 3.6.2. * Fix exim4 rule for more modern tls string. * logcheck.8 fix add full path to README.logcheck-database.gz. (Closes: #328632) . [ Jamie Penman-Smithson ] * Add the first rules for mon. Thanks to Robbert Muller <muller at muze.nl>. (Closes: #324451) * Modify dovecot rules to match ipv6 addresses too. (Closes: #327088) * Add first polypaudio rules in workstation to suppress module-alsa-sink.c messages. (Closes: #331282) * Add first rules for tftpd, suppress 'connect' and 'get file' messages. (Closes: #333456) * Fix dovecot rules to match the new format log messages in 1.0. (Closes: #332707, #333461) * Fix proftpd rules to match ipv6 addresses. Thanks to Elmar Hoffmann <elho at elho.net> (Closes: #332807) * Update ssh rules to suppress reverse DNS warnings. Thanks to Elmar Hoffmann <elho at elho.net> (Closes: #333233) * Update nagios rules to match host UNREACHABLE notification messages. (Closes: #325874) * Add the first rules for popa3d. (Closes: #328251) * Fix group permissions for /var/lock/logcheck on install or upgrade so logcheck can be executed by the logcheck group. (Closes: #330208) * Add Swedish translation, thanks to Daniel Nylander <yeager at lidkoping.net>. (Closes: #334415) * Fix anvil max rate rule to match statistics messages when postfix is bound to a specific IP. (Closes: #334342) * Modify spamd rules to match log message format in 3.1. (Closes: #335021) . [ Todd Troxell ] * Add check for lockfile-progs to aid non-debian installations. * Set logcheck to remove cleanup trap if an error occours while getting lockfile. This will prevent many confusing error messages. * Add error reporting on -o option * Add IPv6 support to bind rules. Thanks Marco Nenciarin <mnencia at prato.linux.it> (Closes: #327100) * Add IPV6 support to postfix rules. Thanks Marco Nenciarin <mnencia at prato.linux.it> (Closes: #327114) * Add INSTALL documentation for manual/non-Debian installation. * Add 5 receive rules for hylafax's FaxGetty. * Call adduser without --home flag in postinst. (Closes: #312393) Files: bb7c028e97c78ab67d9c8417de1d1d3b 736 admin optional logcheck_1.2.42.dsc a17f485774e5c00cb314b74c30d0929c 104787 admin optional logcheck_1.2.42.tar.gz e06b1c7bea38cf6b8a6977df05997481 48606 admin optional logcheck_1.2.42_all.deb 54f5ed99e3e602561f69e39cf5236800 66628 admin optional logcheck-database_1.2.42_all.deb f2875097308d99e0663d9d583b1548b5 30976 admin optional logtail_1.2.42_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDWw344u3oQ3FHP2YRAm+4AJ4g+FoIjbpI67yD8N9sBXE+Gok5pQCfRF7+ K2Akj9p3eKdJdHqBKRFJjfA=lJbY -----END PGP SIGNATURE-----
Seemingly Similar Threads
- Bug#328632: Please include README.logcheck-database.gz
- Bug#325801: logcheck: new regex to filter imap "Moved xxx bytes of new mail" messages
- Bug#322036: logcheck: [manual] typo in SYNOPSIS (TIOS => OPTIONS)
- Bug#313601: logcheck-database: ignore mount version messages
- Bug#317741: logcheck-database: fails to ignore properly some lines from 'rbldnsd'