similar to: Bug#355364: logcheck-database: rules to match nagios|nagios2

Package: logcheck-database Version: 1.2.43a Severity: wishlist when nagios2 is installed logcheck doesn't catch system messages with the existing (nagios) rules please, change "nagios:" to "nagios\[[0-9]+\]:" for all lines thanks -- Cyril Chaboisseau -------------- next part -------------- --- nagios 2005-10-23 06:13:15.000000000 +0200 +++ nagios.new 2006-03-05

Package: logcheck-database Severity: normal Tags: patch The rules in /etc/ignore.d/server/nagios contain the explicit version number "2". Now that lenny includes nagios3, those rules don't work anymore. Please change the rules to work for both nagios2 and 3. That can easily be done by replacing the 2 by (2|3) for example. -- System Information: Debian Release: lenny/sid APT

Processing commands for control at bugs.debian.org: > reassign 325874 logcheck-database Bug#325874: nagios-common: logcheck regexp issue Bug reassigned from package `nagios-common' to `logcheck-database'. > tags 325874 + patch Bug#325874: nagios-common: logcheck regexp issue Tags were: patch Tags added: patch > thanks Stopping processing here. Please contact me if you need

Package: logcheck-database Severity: wishlist Tags: patch Hi, check_radius output filter: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ check_radius: rc_avpair_gen: received VSA attribute with unknown Vendor-Id [[:digit:]]+$ Hendrik -- Hendrik Jaeger Linux Systemadministrator Init Seven AG Elias-Canetti-Strasse 7 CH-8050 Z?rich phone: +41 44 315 44 00 fax: +41 44 315 44 01 http://www.init7.net/

On Wed, 2005-04-27 at 22:10 -0400, Steve Gran wrote: > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND: PROCESS_SERVICE_CHECK_RESULT > > (although that may be too broad) Can you provide the log messages that this matches? Thanks, -- -jamie <jamie at silverdream.org> | spamtrap: spam at silverdream.org w: http://www.silverdream.org | p: sms at silverdream.org pgp

Package: logcheck Version: 1.2.43a Severity: normal -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (900, 'testing'), (800, 'unstable') Architecture: i386 (i586) Kernel: Linux 2.6.10 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 Versions of packages logcheck depends on: ii adduser 3.77 Add and remove

The entry is probably not igored because of the word deny in your path . You might better set your rule in violation.ignore.d/ directory. At 13:00 09/01/2006, you wrote: >Send Logcheck-users mailing list submissions to > logcheck-users@lists.alioth.debian.org > >To subscribe or unsubscribe via the World Wide Web, visit >

# Automatically generated email from bts, devscripts version 2.10.30 # via tagpending # # logcheck (1.2.65) unstable; urgency=low # # * ignore.d.server/postfix: # - ignore connection messages for anonymous TLS connections; thanks to # Justin Larue (closes: #486440). # - ignore hostname verification due to DNS name not found; thanks to # Justin Larue (closes: #486440). # *

Package: logcheck Version: 1.2.43a Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have messages like these in my logs: Apr 27 10:05:49 localhost smartd[9357]: Device: /dev/hda, SMART Prefailure Attribute: 1 Raw_Read_Error_Rate changed from 58 to 57 Apr 27 10:05:49 localhost smartd[9357]: Device: /dev/hda, SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 58 to 57

Package: logcheck Version: 1.2.43a Severity: minor /etc/logcheck/ignore.d.server/ntp contains: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: adjusting local clock by [.0-9]+s$ However, this will not match negative corrections such as: System Events =-=-=-=-=-=-= Mar 5 01:44:55 billchase ntpd[6171]: adjusting local clock by -0.190112s Mar 5 01:55:20 billchase ntpd[6171]: adjusting local

Package: logcheck-database Version: 1.2.43a Severity: minor Since last weekend's upgrade of logcheck-database from 1.2.42 to 1.2.43a, logcheck stopped ignoring routine SpamAssassin messages of the form Feb 20 21:36:16 tux64 spamd[4665]: spamd: checking message <20060220190721.0E0B41C5207 at llwb563.servidoresdns.net> for amu:7286 Could you please edit the second pattern in

Package: logcheck Version: 1.2.43a Severity: wishlist The conf file currently says # Should the hostname of the generated mails be fully qualified? FQDN=1 I suggest rewording that to # Should the hostname in the subject of the generated mails be fully qualified? FQDN=1 The current wording led me to believe that the sender, and perhaps recipient (if otherwise unqualified) of the emails generated

Package: logcheck-database Version: 1.2.43a Severity: normal Tags: patch Hi, Given the following popa3d log messages: popa3d[15636]: 0 messages (0 bytes) loaded popa3d[15993]: 1 message (3837 bytes) loaded popa3d[15856]: 3 messages (18116 bytes) loaded The current logcheck ruleset does not take into account that sometimes there might be multiple message_S_ to be loaded. The following patch

Package: logcheck-database Version: 1.2.43a Severity: wishlist -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I recently switched to syslog-ng. Here are some lines that can be ignored. syslog-ng: Changing permissions on special file /dev/xconsole syslog-ng: STATS: dropped 2 - -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (650, 'testing'),

Package: logcheck-database Version: 1.3.8 Severity: wishlist HI, can you please create a rule/some rules for amavis(d-new). I get for every mail this mesage: May 25 19:55:40 data amavis[9603]: (09603-15) Passed CLEAN, [::1] [213.165.64.22] <xxx at yyy.zz> -> \ <aaa at localhost>, Message-ID: <20100525175015.29677page1 at mx002.bbb.ccc>, mail_id: MM7upJv6se1Z, \ Hits:

Package: logcheck-database Version: 1.2.33 Severity: normal I just installed 1.2.33, and it made my rules dirs setuid, not setgid... - Marc -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (900, 'testing'), (300, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.8-1-k7 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of

Package: logcheck Version: 1.2.54 Severity: normal In the file ignore.d.paranoid/cron there are the rules ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by \(uid=[0-9]+\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(pam_[[:alnum:]]+\) session closed for user [[:alnum:]-]+$ to ignore lines like 10:17:01 at 04-03-2007 tooar

Hi, I've got a few logcheck ignore.d rules that I'd like to submit, one example is sqlgrey. /usr/share/doc/logcheck/README.maintainer talks about shipping the rules inside the package itself, so I could file a request with sqlgrey. However, that doesn't work because of course I don't have all the packages I use on my network installed on my loghost. In fact, I believe that

Package: logcheck-database Version: 1.2.36 Severity: wishlist Hello, I recently blew away my old logcheck-databse and lost a number of changes that i had made to postfix entries. The default database for postfix reports the following errors that do not seem to be important... Apr 2 13:00:19 terminus postfix/local[29516]: 574B9B3B9F: to=<doug at localhost>, relay=local, delay=13,

Package: logcheck-database Version: 1.2.37 Severity: normal Hello again, openntpd gives messages like these failry often: Apr 7 14:25:55 terminus ntpd[673]: peer 204.17.42.202 now invalid Apr 7 14:26:10 terminus ntpd[673]: peer 204.17.42.202 now valid I am not sure if this is something that an admin may find relevant but they happen fairly often and they do not offer a lot of info for me.