Thomas Prokosch
2004-May-29 14:48 UTC
[Logcheck-devel] Bug#251590: logcheck: Per-rule counters would help maintaining ruleset
Package: logcheck Severity: wishlist It would be nice to have per-rule counters which count how many times the rule has been hit since last counter reset. This would help the administrator to remove dead rules (ones which are no longer needed due to software upgrades etc). This would help tighten the ruleset - a tight ruleset is the basis for a well-maintained machine. Rules which have not been hit for a certain (configurable) amount of time should get appended to the report together with the date of the last hit. -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.5-1-386 Locale: LANG=C, LC_CTYPE=C (ignored: LC_ALL set to C)