Radek Antoniuk
2010-Jul-07 09:44 UTC
[Logcheck-devel] Bug#588312: logcheck-database: updated rules for many packages
Package: logcheck-database
Version: 1.3.10
Severity: normal
Please add rules for some packages:
#dkimproxy
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dkimproxy.out\[[0-9]+\]: connect from .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dkimproxy.out\[[0-9]+\]: DKIM signing -
signed; .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dkimproxy.out\[[0-9]+\]: DKIM signing -
skipped; .*$
#postfix
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: discarding EHLO
keywords: 8BITMIME STARTTLS$
#ssh
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: error writing
/proc/self/oom_adj: Operation not permitted$
#ntp
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status
change 4001
#cron-apt
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cron-apt: After this operation, [:alnum:]+
disk space will be freed.$
#syslog-ng
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslog-ng\[[0-9]+\]: Log statistics;.*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslog-ng\[[0-9]+\]: Configuration reload
request received, reloading configuration;$
#shorewall
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: Shorewall:.*$
#libpam-cracklib
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cracklib: no dictionary update necessary.$
#modprobe?
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ modprobe: WARNING: Not loading blacklisted
module ipv6.$
#bind
#success resolving 'www.mac.com/AAAA' (in 'mac.com'?) after
reducing the advertised EDNS UDP packet size to 512 octets
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ named\[[0-9]+\]: success resolving.*$
#rsyncd
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: file has vanished: .*$
#netatalk
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: server_child[[:xdigit:]+]
[:xdigit:]+ exited 1$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: uams_dhx_pam.c :PAM: PAM
Success$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: uams_dhx_pam.c :PAM: PAM Auth
OK!$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: login [:alpha:]+ (uid
[:xdigit:]+, gid [:xdigit:]+) AFP3.1$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: dhx login: [:alpha:]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: ipc_read: command: .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: Setting clientid .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: pc_get_session: .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: bad function .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: ASIP session:.*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: afp_alarm: child timed out$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: [:alpha:]+ read, [:alpha:]+
written$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: Connection terminated$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: server_child[[:xdigit:]+]
[:xdigit:]+ exited 1$
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (650, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-xen-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
-- Configuration Files:
/etc/logcheck/cracking.d/kernel [Errno 13] Permission denied:
u'/etc/logcheck/cracking.d/kernel'
/etc/logcheck/cracking.d/rlogind [Errno 13] Permission denied:
u'/etc/logcheck/cracking.d/rlogind'
/etc/logcheck/cracking.d/rsh [Errno 13] Permission denied:
u'/etc/logcheck/cracking.d/rsh'
/etc/logcheck/cracking.d/smartd [Errno 13] Permission denied:
u'/etc/logcheck/cracking.d/smartd'
/etc/logcheck/cracking.d/tftpd [Errno 13] Permission denied:
u'/etc/logcheck/cracking.d/tftpd'
/etc/logcheck/cracking.d/uucico [Errno 13] Permission denied:
u'/etc/logcheck/cracking.d/uucico'
/etc/logcheck/ignore.d.paranoid/bind [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/bind'
/etc/logcheck/ignore.d.paranoid/cron [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/cron'
/etc/logcheck/ignore.d.paranoid/incron [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/incron'
/etc/logcheck/ignore.d.paranoid/logcheck [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/logcheck'
/etc/logcheck/ignore.d.paranoid/postfix [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/postfix'
/etc/logcheck/ignore.d.paranoid/ppp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/ppp'
/etc/logcheck/ignore.d.paranoid/pureftp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/pureftp'
/etc/logcheck/ignore.d.paranoid/qpopper [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/qpopper'
/etc/logcheck/ignore.d.paranoid/squid [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/squid'
/etc/logcheck/ignore.d.paranoid/ssh [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/ssh'
/etc/logcheck/ignore.d.paranoid/stunnel [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/stunnel'
/etc/logcheck/ignore.d.paranoid/sysklogd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/sysklogd'
/etc/logcheck/ignore.d.paranoid/telnetd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/telnetd'
/etc/logcheck/ignore.d.paranoid/tripwire [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/tripwire'
/etc/logcheck/ignore.d.paranoid/usb [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.paranoid/usb'
/etc/logcheck/ignore.d.server/acpid [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/acpid'
/etc/logcheck/ignore.d.server/amandad [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/amandad'
/etc/logcheck/ignore.d.server/anacron [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/anacron'
/etc/logcheck/ignore.d.server/anon-proxy [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/anon-proxy'
/etc/logcheck/ignore.d.server/apache [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/apache'
/etc/logcheck/ignore.d.server/apcupsd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/apcupsd'
/etc/logcheck/ignore.d.server/arpwatch [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/arpwatch'
/etc/logcheck/ignore.d.server/asterisk [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/asterisk'
/etc/logcheck/ignore.d.server/automount [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/automount'
/etc/logcheck/ignore.d.server/bind [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/bind'
/etc/logcheck/ignore.d.server/bluez-utils [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/bluez-utils'
/etc/logcheck/ignore.d.server/courier [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/courier'
/etc/logcheck/ignore.d.server/cpqarrayd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cpqarrayd'
/etc/logcheck/ignore.d.server/cpufreqd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cpufreqd'
/etc/logcheck/ignore.d.server/cracklib [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cracklib'
/etc/logcheck/ignore.d.server/cron [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cron'
/etc/logcheck/ignore.d.server/cron-apt [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cron-apt'
/etc/logcheck/ignore.d.server/cups-lpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cups-lpd'
/etc/logcheck/ignore.d.server/cvs-pserver [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cvs-pserver'
/etc/logcheck/ignore.d.server/cvsd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cvsd'
/etc/logcheck/ignore.d.server/cyrus [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/cyrus'
/etc/logcheck/ignore.d.server/dcc [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dcc'
/etc/logcheck/ignore.d.server/ddclient [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ddclient'
/etc/logcheck/ignore.d.server/dhclient [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dhclient'
/etc/logcheck/ignore.d.server/dhcp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dhcp'
/etc/logcheck/ignore.d.server/dictd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dictd'
/etc/logcheck/ignore.d.server/dkfilter [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dkfilter'
/etc/logcheck/ignore.d.server/dkim-filter [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dkim-filter'
/etc/logcheck/ignore.d.server/dnsmasq [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dnsmasq'
/etc/logcheck/ignore.d.server/dovecot [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dovecot'
/etc/logcheck/ignore.d.server/dspam [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/dspam'
/etc/logcheck/ignore.d.server/epmd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/epmd'
/etc/logcheck/ignore.d.server/exim4 [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/exim4'
/etc/logcheck/ignore.d.server/fcron [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/fcron'
/etc/logcheck/ignore.d.server/ftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ftpd'
/etc/logcheck/ignore.d.server/git-daemon [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/git-daemon'
/etc/logcheck/ignore.d.server/gnu-imap4d [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/gnu-imap4d'
/etc/logcheck/ignore.d.server/gps [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/gps'
/etc/logcheck/ignore.d.server/grinch [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/grinch'
/etc/logcheck/ignore.d.server/horde3 [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/horde3'
/etc/logcheck/ignore.d.server/hplip [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/hplip'
/etc/logcheck/ignore.d.server/hylafax [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/hylafax'
/etc/logcheck/ignore.d.server/ikiwiki [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ikiwiki'
/etc/logcheck/ignore.d.server/imap [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/imap'
/etc/logcheck/ignore.d.server/imapproxy [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/imapproxy'
/etc/logcheck/ignore.d.server/imp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/imp'
/etc/logcheck/ignore.d.server/imp4 [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/imp4'
/etc/logcheck/ignore.d.server/innd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/innd'
/etc/logcheck/ignore.d.server/ipppd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ipppd'
/etc/logcheck/ignore.d.server/isdnlog [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/isdnlog'
/etc/logcheck/ignore.d.server/isdnutils [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/isdnutils'
/etc/logcheck/ignore.d.server/jabberd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/jabberd'
/etc/logcheck/ignore.d.server/kernel [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/kernel'
/etc/logcheck/ignore.d.server/klogind [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/klogind'
/etc/logcheck/ignore.d.server/krb5-kdc [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/krb5-kdc'
/etc/logcheck/ignore.d.server/libpam-mount [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/libpam-mount'
/etc/logcheck/ignore.d.server/logcheck [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/logcheck'
/etc/logcheck/ignore.d.server/login [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/login'
/etc/logcheck/ignore.d.server/maradns [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/maradns'
/etc/logcheck/ignore.d.server/mldonkey-server [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/mldonkey-server'
/etc/logcheck/ignore.d.server/mon [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/mon'
/etc/logcheck/ignore.d.server/mountd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/mountd'
/etc/logcheck/ignore.d.server/nagios [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/nagios'
/etc/logcheck/ignore.d.server/netconsole [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/netconsole'
/etc/logcheck/ignore.d.server/nfs [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/nfs'
/etc/logcheck/ignore.d.server/nntpcache [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/nntpcache'
/etc/logcheck/ignore.d.server/nscd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/nscd'
/etc/logcheck/ignore.d.server/nslcd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/nslcd'
/etc/logcheck/ignore.d.server/openvpn [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/openvpn'
/etc/logcheck/ignore.d.server/otrs [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/otrs'
/etc/logcheck/ignore.d.server/passwd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/passwd'
/etc/logcheck/ignore.d.server/pdns [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/pdns'
/etc/logcheck/ignore.d.server/perdition [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/perdition'
/etc/logcheck/ignore.d.server/policyd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/policyd'
/etc/logcheck/ignore.d.server/popa3d [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/popa3d'
/etc/logcheck/ignore.d.server/postfix [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/postfix'
/etc/logcheck/ignore.d.server/postfix-policyd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/postfix-policyd'
/etc/logcheck/ignore.d.server/ppp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ppp'
/etc/logcheck/ignore.d.server/pptpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/pptpd'
/etc/logcheck/ignore.d.server/procmail [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/procmail'
/etc/logcheck/ignore.d.server/proftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/proftpd'
/etc/logcheck/ignore.d.server/puppetd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/puppetd'
/etc/logcheck/ignore.d.server/pure-ftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/pure-ftpd'
/etc/logcheck/ignore.d.server/pureftp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/pureftp'
/etc/logcheck/ignore.d.server/qpopper [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/qpopper'
/etc/logcheck/ignore.d.server/rbldnsd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/rbldnsd'
/etc/logcheck/ignore.d.server/rpc_statd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/rpc_statd'
/etc/logcheck/ignore.d.server/rsnapshot [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/rsnapshot'
/etc/logcheck/ignore.d.server/rsync [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/rsync'
/etc/logcheck/ignore.d.server/sa-exim [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/sa-exim'
/etc/logcheck/ignore.d.server/samba [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/samba'
/etc/logcheck/ignore.d.server/saned [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/saned'
/etc/logcheck/ignore.d.server/sasl2-bin [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/sasl2-bin'
/etc/logcheck/ignore.d.server/saslauthd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/saslauthd'
/etc/logcheck/ignore.d.server/schroot [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/schroot'
/etc/logcheck/ignore.d.server/scponly [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/scponly'
/etc/logcheck/ignore.d.server/slapd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/slapd'
/etc/logcheck/ignore.d.server/smartd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/smartd'
/etc/logcheck/ignore.d.server/smbd_audit [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/smbd_audit'
/etc/logcheck/ignore.d.server/smokeping [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/smokeping'
/etc/logcheck/ignore.d.server/snmpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/snmpd'
/etc/logcheck/ignore.d.server/snort [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/snort'
/etc/logcheck/ignore.d.server/spamc [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/spamc'
/etc/logcheck/ignore.d.server/spamd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/spamd'
/etc/logcheck/ignore.d.server/squid [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/squid'
/etc/logcheck/ignore.d.server/ssh [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ssh'
/etc/logcheck/ignore.d.server/stunnel [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/stunnel'
/etc/logcheck/ignore.d.server/su [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/su'
/etc/logcheck/ignore.d.server/sudo [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/sudo'
/etc/logcheck/ignore.d.server/sympa [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/sympa'
/etc/logcheck/ignore.d.server/syslogd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/syslogd'
/etc/logcheck/ignore.d.server/teapop [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/teapop'
/etc/logcheck/ignore.d.server/telnetd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/telnetd'
/etc/logcheck/ignore.d.server/tftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/tftpd'
/etc/logcheck/ignore.d.server/thy [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/thy'
/etc/logcheck/ignore.d.server/ucd-snmp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/ucd-snmp'
/etc/logcheck/ignore.d.server/upsd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/upsd'
/etc/logcheck/ignore.d.server/uptimed [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/uptimed'
/etc/logcheck/ignore.d.server/userv [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/userv'
/etc/logcheck/ignore.d.server/vsftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/vsftpd'
/etc/logcheck/ignore.d.server/watchdog [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/watchdog'
/etc/logcheck/ignore.d.server/webmin [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/webmin'
/etc/logcheck/ignore.d.server/wu-ftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/wu-ftpd'
/etc/logcheck/ignore.d.server/xinetd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.server/xinetd'
/etc/logcheck/ignore.d.workstation/automount [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/automount'
/etc/logcheck/ignore.d.workstation/bind [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/bind'
/etc/logcheck/ignore.d.workstation/bluetooth-alsa [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/bluetooth-alsa'
/etc/logcheck/ignore.d.workstation/bluez-utils [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/bluez-utils'
/etc/logcheck/ignore.d.workstation/bonobo [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/bonobo'
/etc/logcheck/ignore.d.workstation/dhcpcd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/dhcpcd'
/etc/logcheck/ignore.d.workstation/francine [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/francine'
/etc/logcheck/ignore.d.workstation/gconf [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/gconf'
/etc/logcheck/ignore.d.workstation/gdm [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/gdm'
/etc/logcheck/ignore.d.workstation/hald [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/hald'
/etc/logcheck/ignore.d.workstation/hcid [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/hcid'
/etc/logcheck/ignore.d.workstation/ifplugd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/ifplugd'
/etc/logcheck/ignore.d.workstation/ippl [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/ippl'
/etc/logcheck/ignore.d.workstation/kdm [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/kdm'
/etc/logcheck/ignore.d.workstation/kernel [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/kernel'
/etc/logcheck/ignore.d.workstation/laptop-mode-tools [Errno 13] Permission
denied: u'/etc/logcheck/ignore.d.workstation/laptop-mode-tools'
/etc/logcheck/ignore.d.workstation/libpam-gnome-keyring [Errno 13] Permission
denied: u'/etc/logcheck/ignore.d.workstation/libpam-gnome-keyring'
/etc/logcheck/ignore.d.workstation/logcheck [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/logcheck'
/etc/logcheck/ignore.d.workstation/login [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/login'
/etc/logcheck/ignore.d.workstation/net-acct [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/net-acct'
/etc/logcheck/ignore.d.workstation/nntpcache [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/nntpcache'
/etc/logcheck/ignore.d.workstation/polypaudio [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/polypaudio'
/etc/logcheck/ignore.d.workstation/postfix [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/postfix'
/etc/logcheck/ignore.d.workstation/ppp [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/ppp'
/etc/logcheck/ignore.d.workstation/proftpd [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/proftpd'
/etc/logcheck/ignore.d.workstation/pump [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/pump'
/etc/logcheck/ignore.d.workstation/sendfile [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/sendfile'
/etc/logcheck/ignore.d.workstation/squid [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/squid'
/etc/logcheck/ignore.d.workstation/udev [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/udev'
/etc/logcheck/ignore.d.workstation/wdm [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/wdm'
/etc/logcheck/ignore.d.workstation/winbind [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/winbind'
/etc/logcheck/ignore.d.workstation/wpasupplicant [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/wpasupplicant'
/etc/logcheck/ignore.d.workstation/xdm [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/xdm'
/etc/logcheck/ignore.d.workstation/xlockmore [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/xlockmore'
/etc/logcheck/ignore.d.workstation/xscreensaver [Errno 13] Permission denied:
u'/etc/logcheck/ignore.d.workstation/xscreensaver'
/etc/logcheck/violations.d/kernel [Errno 13] Permission denied:
u'/etc/logcheck/violations.d/kernel'
/etc/logcheck/violations.d/logcheck [Errno 13] Permission denied:
u'/etc/logcheck/violations.d/logcheck'
/etc/logcheck/violations.d/smartd [Errno 13] Permission denied:
u'/etc/logcheck/violations.d/smartd'
/etc/logcheck/violations.d/su [Errno 13] Permission denied:
u'/etc/logcheck/violations.d/su'
/etc/logcheck/violations.d/sudo [Errno 13] Permission denied:
u'/etc/logcheck/violations.d/sudo'
/etc/logcheck/violations.ignore.d/logcheck-su [Errno 13] Permission denied:
u'/etc/logcheck/violations.ignore.d/logcheck-su'
/etc/logcheck/violations.ignore.d/logcheck-sudo [Errno 13] Permission denied:
u'/etc/logcheck/violations.ignore.d/logcheck-sudo'
-- no debconf information
Gerfried Fuchs
2010-Jul-07 10:44 UTC
[Logcheck-devel] Bug#588312: logcheck-database: updated rules for many packages
tags 588312 + moreinfo severity 588312 wishlist thanks Hello! * Radek Antoniuk <radek.antoniuk at gmail.com> [2010-07-07 11:44:43 CEST]:> Please add rules for some packages:It would be highly convenient if you could offer some sample log entries so we can check if your usage of wildchar .* matches are really needed that intensively. Also I encourage you to file different bugreports for different packages if that wouldn't be too much burden for you - it would help us a lot with processing the chunks.> #postfix > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: discarding EHLO keywords: 8BITMIME STARTTLS$I see a similar rule in rulefiles/linux/ignore.d.server/postfix - are you sure you really did receive those rules with the 1.3.10 version you reported this against?> #cron-apt > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cron-apt: After this operation, [:alnum:]+ disk space will be freed.$1.3.10 should also catch this one. Given that the list is pretty exhaustive I'd like to ask you for a favour and would like you to check wether they still really apply and are relevant for 1.3.10. Thanks in advance for your input! Rhonda -- "Lediglich 11 Prozent der Arbeitgeber sind der Meinung, dass jeder Mensch auch ein Privatleben haben sollte." -- http://www.karriere.at/artikel/884/
Debian Bug Tracking System
2010-Jul-07 10:48 UTC
[Logcheck-devel] Processed: Re: Bug#588312: logcheck-database: updated rules for many packages
Processing commands for control at bugs.debian.org:> tags 588312 + moreinfoBug #588312 [logcheck-database] logcheck-database: updated rules for many packages Added tag(s) moreinfo.> severity 588312 wishlistBug #588312 [logcheck-database] logcheck-database: updated rules for many packages Severity set to 'wishlist' from 'normal'> thanksStopping processing here. Please contact me if you need assistance. -- 588312: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588312 Debian Bug Tracking System Contact owner at bugs.debian.org with problems
Radosław Antoniuk
2010-Jul-07 11:01 UTC
[Logcheck-devel] Bug#588312: logcheck-database: updated rules for many packages
> #dkimproxy > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dkimproxy.out\[[0-9]+\]: connect from .*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dkimproxy.out\[[0-9]+\]: DKIM signing - signed; .*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dkimproxy.out\[[0-9]+\]: DKIM signing - skipped; .*$No rules at all. Jul 7 12:39:21 hosting dkimproxy.out[1508]: DKIM signing - skipped; message-id=<cb42d0dfb3a2eb598e162cfe3b6ea493 at www.xyz.com>, from=<email at dot.com> Jul 7 12:39:21 hosting dkimproxy.out[1508]: DKIM signing - signed; message-id=<cb42d0dfb3a2eb598e162cfe3b6ea493 at www.xyz.com>, from=<email at dot.com> Jul 7 12:39:21 hosting dkimproxy.out[1508]: connect from 127.0.0.1> #postfix > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: discarding EHLO keywords: 8BITMIME STARTTLS$In 1.3.10, sorry.> #ssh > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: error writing /proc/self/oom_adj: Operation not permitted$Not there.> #ntp > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 4001No config at all> #cron-apt > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cron-apt: After this operation, [:alnum:]+ disk space will be freed.$In 1.3.10, sorry.> #syslog-ng > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslog-ng\[[0-9]+\]: Log statistics;.*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslog-ng\[[0-9]+\]: Configuration reload request received, reloading configuration;$syslog-ng[31823]: Log statistics; processed='destination(d_error)=3', processed='destination(d_messages)=298', processed='src.internal(s_src#1)=90', stamp='src.internal(s_src#1)=1278499023', processed='destination(d_syslog)=90', processed='center(received)=0', processed='destination(d_xconsole)=3', processed='destination(d_newscrit)=0', processed='destination(d_auth)=1452', processed='destination(d_daemon)=1', processed='global(payload_reallocs)=0', processed='global(msg_clones)=0', processed='destination(d_mail)=64', processed='destination(d_cron)=711', processed='destination(d_kern)=132', processed='destination(d_uucp)=0', processed='destination(d_debug)=4', processed='destination(d_lpr)=0', processed='destination(d_user)=76', processed='center(queued)=0', processed='global(sdata_updates)=0', processed='destination(d_newsnotice)=0', processed='destination(d_console_all)=3', processed='destination(d_console)=1', processed='source(s_src)=2530', processed='destination(d_newserr)=0'> #shorewall > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: Shorewall:.*$Shorewall can log to an outside file. Logging to syslog is causing every packet drop to be in logcheck. Example: Jul 7 12:40:04 dev kernel: Shorewall:net2fw:DROP:IN=venet0 OUTPHYSIN=eth0 MAC= SRC=X.Y.Z.A DST=A.B.C.D LEN=404 TOS=0x00 PREC=0x00 TTL=32 ID=54796 PROTO=UDP SPT=2368 DPT=1434 LEN=384> #libpam-cracklib > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cracklib: no dictionary update necessary.$Not there.> #modprobe? > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ modprobe: WARNING: Not loading blacklisted module ipv6.$Should be in fact: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ modprobe: WARNING: Not loading blacklisted module [:alnum:]+$> #bind > #success resolving 'www.mac.com/AAAA' (in 'mac.com'?) after reducing the advertised EDNS UDP packet size to 512 octets > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ named\[[0-9]+\]: success resolving.*$In 1.3.10, sorry.> #rsyncd > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: file has vanished: .*$ >Not there.> #netatalk > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: server_child[[:xdigit:]+] [:xdigit:]+ exited 1$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: uams_dhx_pam.c :PAM: PAM Success$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: uams_dhx_pam.c :PAM: PAM Auth OK!$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: login [:alpha:]+ (uid [:xdigit:]+, gid [:xdigit:]+) AFP3.1$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: dhx login: [:alpha:]+$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: ipc_read: command: .*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: Setting clientid .*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: pc_get_session: .*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: bad function .*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: ASIP session:.*$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: afp_alarm: child timed out$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: [:alpha:]+ read, [:alpha:]+ written$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: Connection terminated$ > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ afpd\[[0-9]+\]: server_child[[:xdigit:]+] [:xdigit:]+ exited 1$No rules at all.