Displaying 20 results from an estimated 2000 matches similar to: "dedup and sort rules"
2004 Jun 03
1
4 important bugs again <;
hello everyone,
thanks to todd 1.2.21 is out :)
every release getting better, i would like to get
consensus on these "important" bugs:
#252078 logtail: should depend on perl >= 5.8
sarge as any other modern linux distro use perl 5.8.x,
it's even inside of its base.
backports are under the peril of its author
if no one voices up, i'll close that bug in the next days.
2004 Jul 09
1
Bug#258427: logcheck/logtail didn't detect tampering logfile
Package: logcheck
wanted to work on #195935,
but found a less than funny issue, easy to reproduce:
* remove some lines in front of your logfile
* invoke logcheck
you'll get a big email with all not matching lines from that log.
not setting that to high priority because you are getting also the
newer loglines. don't know if i find time that weekend.
wanted to document it anyways.
a++
2005 Jun 21
3
Bug#315071: Results to your question
Hi,
See below:
# getent group adm
adm:x:4:root,adm,daemon
And:
# ls -l /var/log
total 20384
-rw-r----- 1 root adm 43310 Jun 21 16:00 auth.log
-rw-r----- 1 root adm 128247 Jun 19 06:47 auth.log.0
-rw-r----- 1 root adm 10318 Jun 12 06:47 auth.log.1.gz
-rw-r----- 1 root adm 9508 Jun 5 06:47 auth.log.2.gz
-rw-r----- 1 root adm 12475 May 29 06:47 auth.log.3.gz
2004 Aug 23
2
Bug#267587: logcheck-database: Additional rule needed for postfix
Package: logcheck-database
Version: 1.2.25
Severity: normal
postfix/smtpd\[[0-9]+\]: lost connection after (CONNECT|DATA|RCPT|RSET|EHLO|HELO|MAIL) from
Please include the above line in the ignore.d/server/postfix file. That
catches messages that occur very often on busy Postfix servers.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
2004 Oct 11
1
Bug#275946: Acknowledgement (newline not recognized when logcheck sends emails)
I upgraded to 1.2.28, same results.
Here are the rules I added.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Connect:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: [^[:space:]]+ \[NOTICE\]
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: [^[:space:]]+ \[INFO\]
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ exact\[[0-9]+\]:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ slapd\[[0-9]+\]:
^\w{3} [ :0-9]{11}
2004 Jun 13
1
intermittent access this week
Hey team,
I'll be at sea on and off this week, and as such my Internet access will
depend on wifi availability while in port. 22a seems stable, but if any
critical problems arise, feel free to prepare a release and bug Alfie
to upload it.
On the brighter side, I expect to be extremely bored while offline so I'll
probably get some logcheck work done. <:
Cheers,
--
[ Todd J.
2006 Jan 03
1
Bug#344832: (fwd) Re: Bug#344832: correct subject header
----- Forwarded message from General Stone <generalstone at gmx.net> -----
X-Original-To: maks at sternwelten.at
Date: Mon, 2 Jan 2006 14:59:03 +0100
From: General Stone <generalstone at gmx.net>
To: maximilian attems <maks at sternwelten.at>
Subject: Re: [Logcheck-devel] Bug#344832: correct subject header
On Mon, Jan 02, 2006 at 02:09:48PM +0100, maximilian attems wrote:
>
2004 Sep 12
2
Bug#271286: minor fix for ignore.d.server/oidentd
Package: logcheck
Version: 1.2.27
Severity: wishlist
hello,
in ignore.d.server/oidentd you have:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
[._[:alnum:]-]+ \([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$
anyway, some oidentd logs don't have a hostname:
oidentd[34562]: Connection from 241.145.24.135:2353
therefore you have to add:
^\w{3} [
2004 May 25
2
Bug#222240: Ask for frequency during install (logcheck)
hello,
the debconf configuration of logcheck was removed since woody release:
as logcheck's user base is targeting server admins,
we don't see the need of a debconf based question regarding the
frequency of logcheck. beside once per day is a good default.
a note was added to documentation README.Debian that this value
may be changed in /etc/cron.d/logcheck.
so these bugreports will be
2005 Apr 26
3
Bug#306388: add ignore line for udhcpd
Package: logcheck-database
Severity: wishlist
Hi,
the following two lines should be added either to ignore.d.server/dhcp or
ignore.d.server/udhcp to ignore messages from udhcpd (other lines may be
necessary)
# udhcpd support
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ udhcpd\[[0-9]+\]: sending OFFER of [.0-9]+
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ udhcpd\[[0-9]+\]: sending ACK to [.0-9]+
filippo
2005 May 03
1
Re: [Logcheck-commits] CVS logcheck/docs
On Tue, 2005-05-03 at 07:20 +0000, CVS User maks-guest wrote:
> Modified Files:
> logcheck.sgml
> Log Message:
>
> minor addition describe 3 layers.
> remove the url tag not recognized by docbook2man.
> +
> + <para>The reported messages are sorted in three different layers.
> + The system events verbosity is governed by aboves level choice.
> + The
2004 May 15
1
Re: [Logcheck-commits] CVS logcheck/src
On Sat, 15 May 2004, CVS User ttroxell wrote:
> if [ -f /etc/logcheck/header.txt ] ; then
> - $CAT /etc/logcheck/header.txt >> $TMPDIR/report
> + $CAT /etc/logcheck/header.txt >> $TMPDIR/report \
> + || error "Could not append header to $TMPDIR/report Disk full?"
> fi
> }
>
> @@ -152,7 +157,8 @@
> # Add a footer
2006 Jul 04
1
no such user
I have rules like this on my servers:
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]+\]:
[._[:alnum:]-]+ \([._[:alnum:]-]+\[[[:digit:].]{7,15}\]\) (- )USER
[-_.[:alnum:]]+: no such user found from [._[:alnum:]-]+
\[[[:digit:].]{7,15}\]\ to [[:digit:].]{7,15}:21$
basically, I just don't care about logins as nonexistent users,
I get so many of those that I don't even
2005 Jun 07
2
Bug#312376: /etc/logcheck/logcheck.ignore is no longer read
Package: logcheck
Version: 1.2.39
Severity: normal
Since I've upgraded my servers to sarge, I'm getting mail every hour for
stuff that was duly included in /etc/logcheck/logcheck.ignore. Turns
out that sarge's version no longer reads that file.
If this was a conscious decision, then there should be some warning
about this when upgrading (via debconf of NEWS.Debian). Also, the
2004 May 15
2
Re: [Logcheck-commits] CVS logcheck/src
hey todd,
looked again at that return value check merge:
@@ -557,7 +584,8 @@
# the same lines) and reduce CPU and memory usage afterwards.
debug "Sorting logs"
$SORT -m $TMPDIR/logoutput/* | uniq | sed -e 's/ *$//' \
- > $TMPDIR/logoutput-sorted
+ > $TMPDIR/logoutput-sorted \
+ ||error "Could not output to $TMPDIR/logoutput-sorted Disk Full?"
i guess
2005 Jul 28
2
Bug#320274: logcheck-database: Please add pop3 to dovecot
Package: logcheck-database
Version: 1.2.40
Severity: wishlist
Hi,
Please duplicate the imap-login related lines and change them to filter
out the equivalent messages emitted by pop3-login.
regards
Andrew
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel:
2004 Jun 04
2
Bug#252597: logcheck: user logchecks mails should be delivered to root
Package: logcheck
Version: 1.2.20a
Severity: important
Since logcheck changed to run as user logcheck, the error mails of the cron
daemon end up in /var/mail/logcheck where nobody reads them. Mails for
logcheck should be aliased to root like all the other mails of system
accounts.
I was searching for a long time what was wrong with my logcheck not
delivering any mails. The lock directory was
2005 Dec 23
4
Bug#344553: logcheck: Fails silently to read config file
Package: logcheck
Version: 1.2.42
Severity: minor
Tags: patch
Logcheck does not report any error if the config file is not readable
or does not exists. This may easily happen, as logcheck is run as
logcheck user and while one is testing a new configuration on live
system with running configuration intact.
Following fragment may help:
# Now source the config file - before things that should
2004 Jul 21
1
Bug#260573: logcheck: ignore.d.paranoid/cron and ignore.d.server/cron swapped
Package: logcheck
Version: 1.2.23
Severity: normal
Hello,
I have:
# /bin/cat ignore.d.server/cron
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) LIST \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) REPLACE \([[:alnum:]-]+\)$
and:
# /bin/cat ignore.d.paranoid/cron
^\w{3} [ :0-9]{11} [._[:alnum:]-]+
2004 May 28
2
Bug#251364: logcheck: preinst has bashism, fails with dash and LANG != C
Package: logcheck
Version: 1.2.20a
Severity: serious
Tags: patch
On a system where sh points to dash and LANG=es_ES, I get this:
# apt-get -y --reinstall install logcheck
Leyendo lista de paquetes... 0%
Leyendo lista de paquetes... 0%
Leyendo lista de paquetes... 23%
Leyendo lista de paquetes... Hecho
Creando ?rbol de dependencias... 0%
Creando ?rbol de dependencias... 0%
Creando ?rbol de