martin f krafft
2009-Aug-04 16:52 UTC
[Logcheck-devel] Bug#539944: RFH: logcheck / also an idea for a logcheck rewrite
Package: wnpp
Severity: normal
We could use help with logcheck, specifically:
- bug triaging, which is mainly updating rule files
- bug fixing of features and faults
- implementing templates for rules, e.g. @IPADDR@ and refactoring
the rule files so that there aren't seven dozens different regexps
for IP addresses
- improving the performance and usefulness
* only process filters for packages that are installed
* find a way to avoid the multipass approach logcheck currently
takes
The package is maintained with Git, but there are no branches, so
use is trivial.
If you're interested, please pass me your alioth.debian.org account
so that I can give you commit access.
* * *
In the long run, I'd love to see a rewrite of logcheck with some of
the following features:
- tag-based, so that an admin can choose whether to see e.g. daemon
restart messages, authentication attempts for invalid/nonexistent
accounts, etc.
- runs as a daemon and can process new log entries instantly.
- possibly interfaces directly with rsyslog to avoid having to go
via log files
- configurable actions, e.g. mail, jabber, file, postgresql
- provide patterns/templates and easy instructions (possibly
automatic filter generators) to encourage package maintainers to
provide the files themselves.
- possibly require message samples with each filter to allow for
a test suite.
- and many more.
Please send further ideas to this bug report.
Talk to me if you're interested in this, and I'd be happy to assist.
I don't have time to do it myself.
--
.''`. martin f. krafft <madduck at d.o> Related projects:
: :' : proud Debian developer http://debiansystem.info
`. `'` http://people.debian.org/~madduck http://vcs-pkg.org
`- Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
URL:
<http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20090804/80ee2db7/attachment.pgp>