thr3ads.net - Logcheck devel - Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports) [Nov 2004]

If this information is useful, please help other people find it:
Share via:

Radosław Łoboda

2004-Nov-06 22:27 UTC

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

The same problem appeard on my system. Seems like logcheck does not like 
single empty lines in rule files, and they are somehow not filtered out.

Check out following files in search of empty lines:
/etc/logcheck/ignore.d.server:
    automount
    dhcp
    jabberd
/etc/logcheck/violations.ignore.d
    logcheck-hylafax

Also, the following files have some errors like newlines in the middle 
of the rule:
 /etc/logcheck/ignore.d.server/perdition
 /etc/logcheck/ignore.d.server/postfix

This should help with no-report problem. Hope this will be fixed soon.

-- 
Rados?aw ?oboda

Todd Troxell

2004-Nov-06 23:37 UTC

head link

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

On Sat, Nov 06, 2004 at 11:27:50PM +0100, Rados?aw ?oboda
wrote:> The same problem appeard on my system. Seems like logcheck does not like 
> single empty lines in rule files, and they are somehow not filtered out.
> 
> Check out following files in search of empty lines:
> /etc/logcheck/ignore.d.server:
>    automount
>    dhcp
>    jabberd
> /etc/logcheck/violations.ignore.d
>    logcheck-hylafax
> 
> Also, the following files have some errors like newlines in the middle 
> of the rule:
> /etc/logcheck/ignore.d.server/perdition
> /etc/logcheck/ignore.d.server/postfix
> 
> This should help with no-report problem. Hope this will be fixed soon.
Thanks alot for the tip off on the newlines in the rules.  I just commited to
CVS.

The other bug has already been patched by alfie.  I will upload this fixed
version after some testing.

Cheers,

-- 
[   Todd J. Troxell                                         ,''`.
      Student, Debian GNU/Linux Developer, SysAdmin, Geek  : :' :
      http://debian.org || http://rapidpacket.com/~xtat    `. `' 
                                                             `-     ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :
http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20041106/43dfc0e7/attachment.pgp

Adam Funk

2004-Nov-10 08:57 UTC

head link

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

Following an apt-get upgrade, I've noticed the same problem with
logcheck 1.2.30 (the previous version worked fine).  My output from
"sudo -u logcheck logcheck -d" is listed below.

HTH,
Adam


D: [1100076774] Turning debug mode on
D: [1100076774] Sourcing - /etc/logcheck/logcheck.conf
D: [1100076774] Finished getopts c:dhH:l:L:m:opr:RsS:tTuvw
D: [1100076774] Trying to get lockfile: /var/lock/logcheck.lock
D: [1100076774] Running lockfile-touch /var/lock/logcheck.lock
D: [1100076774] cleanrules: /etc/logcheck/cracking.d/logcheck
D: [1100076774] cleanrules: /etc/logcheck/violations.d/logcheck
D: [1100076774] cleanrules: /etc/logcheck/violations.d/su
D: [1100076774] cleanrules: /etc/logcheck/violations.d/sudo
D: [1100076774] cleanrules: /etc/logcheck/violations.ignore.d/hotplug
D: [1100076774] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-bind
D: [1100076774] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-courier
D: [1100076774] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-cyrus
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-hylafax
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-innd
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-nagios
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-openvpn
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-postfix
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-pureftp
D: [1100076775] cleanrules:
/etc/logcheck/violations.ignore.d/logcheck-sendmail_tmp
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-spamd
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-squid
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-su
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sudo
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-usb
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-winbind
D: [1100076775] cleanrules: /etc/logcheck/violations.ignore.d/spamassassin
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/anon-proxy
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/arpwatch
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/automount
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/bind
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/courier
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/cpqarrayd
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/cron
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/cyrus
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/dhclient
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/dhcp
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/dnsmasq
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/dovecot
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/gnome-bin
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/gps
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/hylafax
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/imapproxy
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/imp
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/innd
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/ipppd
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/isdnlog
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/isdnutils
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/jabberd
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/logcheck
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/nagios
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/nfs
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/nntpcache
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/ntop
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/ntp
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/ntp-server
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/ntpdate
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/oidentd
D: [1100076775] cleanrules: /etc/logcheck/ignore.d.server/openvpn
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/pdns
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/perdition
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/postfix
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/ppp
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/pptpd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/proftpd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/pure-ftpd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/rpc_statd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/rsnapshot
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/samba
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/scponly
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/slapd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/smartd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/smokeping
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/snmpd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/spamd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/squid
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/ssh
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/stunnel
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/thy
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/ucd-snmp
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/uptimed
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.server/userv
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/apmd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/bind
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/cron
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/imap
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/logcheck
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/ntop
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/postfix
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/ppp
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/proftpd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/qpopper
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/spamassassin
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/squid
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/ssh
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/stunnel
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/sysklogd
D: [1100076776] cleanrules: /etc/logcheck/ignore.d.paranoid/telnetd
D: [1100076776] logoutput called with file: /var/log/syslog
D: [1100076776] Running logtail: /var/log/syslog
D: [1100076776] logoutput called with file: /var/log/auth.log
D: [1100076776] Running logtail: /var/log/auth.log
D: [1100076776] Sorting logs
D: [1100076776] Not setting the Intro
D: [1100076776] Checking for security alerts
D: [1100076776] greplogoutput: logcheck
D: [1100076776] greplogoutput: returning 1
D: [1100076776] Checking for security events
D: [1100076776] greplogoutput: logcheck
D: [1100076777] greplogoutput: su
D: [1100076777] greplogoutput: sudo
D: [1100076777] greplogoutput: Entries in checked
D: [1100076777] cleanchecked - file:
/tmp/logcheck.HX1vZ4/violations-ignore/logcheck-sudo
D: [1100076777] greplogoutput: returning 1
D: [1100076777] Checking for system events
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/anon-proxy
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/apmd
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/arpwatch
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/automount
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/bind
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/courier
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/cpqarrayd
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/cron
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/cyrus
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/dhclient
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/dhcp
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/dnsmasq
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/dovecot
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/gnome-bin
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/gps
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/hylafax
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/imap
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/imapproxy
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/imp
D: [1100076777] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/innd
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ipppd
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/isdnlog
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/isdnutils
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/jabberd
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/logcheck
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/nagios
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/nfs
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/nntpcache
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ntop
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ntp
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ntpdate
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ntp-server
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/oidentd
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/openvpn
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/pdns
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/perdition
D: [1100076778] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/postfix
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ppp
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/pptpd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/proftpd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/pure-ftpd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/qpopper
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/rpc_statd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/rsnapshot
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/samba
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/scponly
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/slapd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/smartd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/smokeping
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/snmpd
D: [1100076779] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/spamassassin
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/spamd
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/squid
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ssh
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/stunnel
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/sysklogd
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/telnetd
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/thy
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/ucd-snmp
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/uptimed
D: [1100076780] cleanchecked - dir - /tmp/logcheck.HX1vZ4/ignore/userv
D: [1100076780] Not setting the footer text
D: [1100076780] cleanup: Killing lockfile-touch - 7356
D: [1100076780] cleanup: Removing lockfile: /var/lock/logcheck.lock
D: [1100076780] Cleanup: Removing - /tmp/logcheck.HX1vZ4

C.Y.M

2004-Nov-10 10:20 UTC

head link

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

Adam Funk wrote:> Following an apt-get upgrade, I've noticed the same problem with
> logcheck 1.2.30 (the previous version worked fine).  My output from
> "sudo -u logcheck logcheck -d" is listed below.
> 
The latest 1.2.31 version seems to have fixed my problems.  Thanks..

Logcheck devel - Nov 2004 - Bug#279650: Bug#279650: Acknowledgement (Logcheck no longer sending reports)

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)

Bug#279650: [Logcheck-devel] Bug#279650: Acknowledgement (Logcheck no longer sending reports)