Cyril.Gilly
2006-Jan-09 12:44 UTC
[Logcheck-users] Re: Logcheck-users Digest, Vol 5, Issue 1
The entry is probably not igored because of the word deny in your path . You might better set your rule in violation.ignore.d/ directory. At 13:00 09/01/2006, you wrote:>Send Logcheck-users mailing list submissions to > logcheck-users@lists.alioth.debian.org > >To subscribe or unsubscribe via the World Wide Web, visit > http://lists.alioth.debian.org/mailman/listinfo/logcheck-users >or, via email, send a message with subject or body 'help' to > logcheck-users-request@lists.alioth.debian.org > >You can reach the person managing the list at > logcheck-users-owner@lists.alioth.debian.org > >When replying, please edit your Subject line so it is more specific >than "Re: Contents of Logcheck-users digest..." > > >Today's Topics: > > 1. Log Entry not being ignored (Andrew Berry) > > >---------------------------------------------------------------------- > >Message: 1 >Date: Sun, 8 Jan 2006 21:06:56 +0000 (GMT) >From: Andrew Berry <andrew@aberry.co.uk> >Subject: [Logcheck-users] Log Entry not being ignored >To: Logcheck-users@lists.alioth.debian.org >Message-ID: <Pine.SOC.4.63.0601082026450.2359@almond.milky.org.uk> >Content-Type: TEXT/PLAIN; charset=US-ASCII > >All, > >Apologies if this is a simple error but it's been confusing me for a few >weeks and I have no idea how to fix it. > >I've set a cron job to run 3 times an hour (as root) and logcheck's >picking up on this (but no others). The output in the email is this:- > >Jan 8 20:21:01 homer /USR/SBIN/CRON[8637]: (root) CMD (/usr/bin/python >/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg) >Jan 8 20:41:01 homer /USR/SBIN/CRON[2949]: (root) CMD (/usr/bin/python >/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg) >Jan 8 21:01:01 homer /USR/SBIN/CRON[12711]: (root) CMD (/usr/bin/python >/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg) > >I've added the following to /etc/logcheck/ignore.d.server/cron (I assume >this is the correct file):- > >^\w{3} [ :0-9]{11} [._[:alnum:]-]+ \USR\SBIN\CRON\[[0-9]+\]: >\([_[:alnum:]-]+\) >CMD \(/usr/bin/python /root/denyhosts/denyhosts.py -c >/root/denyhosts/denyhosts. >cfg\)$ > >All the testing I've carried out shows that this is correct. > >I am running Debian Stable and the version of logcheck from aptitude is >1.2.39. > >Can anyone point me in the correct direction? > >Thanks, > >Andrew > >-- >Andrew Berry >andrew@aberry.co.uk >http://www.aberry.co.uk > > > >------------------------------ > >_______________________________________________ >Logcheck-users mailing list >Logcheck-users@lists.alioth.debian.org >http://lists.alioth.debian.org/mailman/listinfo/logcheck-users > > >End of Logcheck-users Digest, Vol 5, Issue 1 >********************************************"This machine has no brain ... Please use your own" Cyril Gilly cyril.gilly@eisti.fr EISTI Avenue du Parc 95 011 CERGY 01 34 25 10 33
Apparently Analagous Threads
Wisdom of the Ancients
