Displaying 20 results from an estimated 4000 matches similar to: "Bug#372286: logcheck-database: new rule for courier"
2008 Jun 24
1
Bug#483214: setting package to logcheck-database logtail logcheck, tagging 487208, tagging 484546, tagging 482523 ...
# Automatically generated email from bts, devscripts version 2.10.30
# via tagpending
#
# logcheck (1.2.65) unstable; urgency=low
#
# * ignore.d.server/postfix:
# - ignore connection messages for anonymous TLS connections; thanks to
# Justin Larue (closes: #486440).
# - ignore hostname verification due to DNS name not found; thanks to
# Justin Larue (closes: #486440).
# *
2007 May 25
0
Bug#425967: logcheck-database: The patterns for courier-imap-ssl do not match imap, only imap-ssl
Package: logcheck-database
Version: 1.2.54
Severity: minor
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.2-dp0
Locale: LANG=de_DE at euro, LC_CTYPE=de_DE at euro (charmap=ISO-8859-15)
Versions of packages logcheck-database depends
2008 Mar 21
1
CentOS 5.1 - MySQL 5.0.22 - Courier auth lib problem
Hi
I am finishing my mail server config and just trying to get the mysql
login working - it fails to connect and thorws the following error
Mar 21 21:58:21 mail0 authdaemond: failed to connect to mysql server
(server=localhost, userid=courier): Can't connect to local MySQL server
through socket '/tmp/mysql.sock.' (2)
Mar 21 21:58:21 mail0 couriertcpd: LOGIN FAILED, user=tom at
2004 Jul 22
1
Bug#260810: Addition to bug 260810: lmtp rule
Hi,
I'd like to suggest one change in the postfix rules originally submitted:
The last line should read
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/lmtp\[[0-9]+\]: [0-9A-F]+:
to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)?
relay=[^[:space:]]+\[[^[:space:]]+\], delay=[0-9]+, status=sent \(250
2\.6\.0 Ok, id=[-0-9]+, from MTA: 250 Ok: queued as [0-9A-F]+\)$
instead of
^\w{3} [
2006 Feb 22
2
Bug#353962: integrate courier file in logcheck-database
Package: courier-imap-ssl,logcheck-database
Severity: wishlist
Please move /etc/logcheck/*/courier to the courier packages and out
of logcheck-database.
-- System Information:
Debian Release: testing/unstable
APT prefers stable
APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked
2004 Sep 04
1
Bug#269959: logcheck-database: courier ignore.d.server contains word from violations.d list
Package: logcheck-database
Version: 1.2.26
Severity: normal
Hi,
the file courier contains the line:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pop3d-ssl: Unexpected SSL connection
shutdown\.$
This triggers the security logcheck section because of the word
"shutdown". Quick fix is to move or duplicate this line to
violations.ignore.d/logcheck-courier.
BTW: It looks like the courier package
2005 Feb 12
3
Bug#294950: logcheck: ignore.d.server courier imaplogin: DISCONNECTED not matching
Package: logcheck
Version: 1.2.34
Severity: normal
the ignore.d.server pattern for courier 'imaplogin: DISCONNECTED' does
not match the following line:
Feb 12 16:19:47 backup imaplogin: DISCONNECTED,
user=example at example.com, ip=[::ffff:111.111.111.111],
headers=14013, body=0, time=1
This line should be ignored like the other DISCONNECTED messages. Or am
I wrong?
-- System
2005 Apr 26
3
Bug#306388: add ignore line for udhcpd
Package: logcheck-database
Severity: wishlist
Hi,
the following two lines should be added either to ignore.d.server/dhcp or
ignore.d.server/udhcp to ignore messages from udhcpd (other lines may be
necessary)
# udhcpd support
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ udhcpd\[[0-9]+\]: sending OFFER of [.0-9]+
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ udhcpd\[[0-9]+\]: sending ACK to [.0-9]+
filippo
Bug#551340: [logcheck-database] Rule in /etc/logcheck/violations.ignore.d/logcheck-su does not match
2009 Oct 17
1
Bug#551340: [logcheck-database] Rule in /etc/logcheck/violations.ignore.d/logcheck-su does not match
Package: logcheck-database
Version: 1.2.69
Severity: normal
Tags: patch
Hi,
I think that this rule:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-)
(pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$
is supposed to filter out lines like:
Oct 17 14:49:24 myhost su[13469]: + /dev/pts/1 user1:root
It is not working because the pattern dos not include the "/dev/" part
and
2008 Mar 17
0
Processed: Re: Bug#444470: /etc/logcheck/violations.ignore.d/logcheck-ssh: Updated "authentication failure" rule
Processing commands for control at bugs.debian.org:
> # Commit 037fed5fc268088bad1f17c885d9153ee800ec40
> tag 444470 pending
Bug#444470: /etc/logcheck/violations.ignore.d/logcheck-ssh: Updated "authentication failure" rule
There were no tags set.
Tags added: pending
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system
2008 Mar 17
0
Bug#444470: /etc/logcheck/violations.ignore.d/logcheck-ssh: Updated "authentication failure" rule
In article <20080120021013.GA2871__36835.8155632906$1200797204$gmane$org at nexus.elho.net> you wrote:
> Looking at those two lines, they could just be different versions of
> the same thing, here are the commented differences:
Take my word: you'll live longer if you don't try to make sense of ssh
log messages. (I *swear* I once got different messages by doing the
same thing
2006 May 21
2
Bug#368313: logcheck-database: new postfix violations ignore rule
Package: logcheck-database
Version: 1.2.39
Severity: wishlist
Hi,
I'd like to add the following rule to /etc/logcheck/violations.ignore.d/logcheck-postfix :
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: NOQUEUE: reject: RCPT from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]: 554 <[._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]>:
2006 May 30
2
Bug#369603: logcheck-database: new rule for dhcpd
Package: logcheck-database
Version: 1.2.44
Severity: minor
Tags: patch
Hi,
This patch changes one rule for dhcpd. It adds support for log lines of the following format:
May 30 19:36:57 server dhcpd: DHCPACK to 10.10.10.10 (aa:bb:cc:dd:ee:ff) via eth1
Regards,
Robbert
--- /root/dhcp 2006-05-30 21:50:24.000000000 +0200
+++ dhcp 2006-05-30 23:27:06.000000000 +0200
@@ -18,7 +18,7 @@
2006 Aug 11
0
Bug#382440: logcheck-database: Postfix rule missing in violations.ignore.d
Package: logcheck-database
Version: 1.2.47
Severity: normal
Tags: patch
Without the following logcheck line in
/etc/logcheck/violations.ignore.d, lines such as the following are
reported:
postfix/smtp[30054]: 824E9A2C1E: to=<nooneisillegal at someplace.net>,
relay=0.0.0.0[0.0.0.0], delay=1, status=sent (250 2.6.0 Ok, id=30274-22,
from MTA: 250 Ok: queued as 15140A2D0A)
This is because
2007 Jul 04
1
Bug#425035: hylafax-server: missing logcheck rule
package hylafax-server
reassign 425035 logcheck-database 1.2.56
thanks
I am reassigning this bug report since the hylafax logcheck rule is
distributed in package logcheck-database.
Bye,
Giuseppe
2012 Mar 02
1
Bug#661912: logcheck: files with period in ignore rule dirs ignored
Package: logcheck
Version: 1.3.14
Severity: normal
I added a local.rules file to ignore.d.server and then ran logcheck. The file was not used during the run.
Renaming it to local-rules got the file used during the next run.
Fix: periods should be allowed in filenames, or the fact that they are forbidden expressly documented inteh logcheck README.
Thanks
Nils
-- System Information:
Debian
2006 Feb 12
1
Bug#338732: logcheck-database: ignore rule for package cvs
tags 338732 pending
thanks
On 12 Nov 2005, at 11:38, Martin Lohmeier wrote:
> here is a rule for the cvs package. The line that should be ignored
> looks like this:
>
> Nov 12 12:02:22 djinn01 cvs-pserver[15917]: connect from
> 212.202.200.77 (212.202.200.77)
> Nov 12 12:31:00 djinn01 cvs-pserver[18386]: connect from
> 80.190.250.190 (80.190.250.190)
>
> I'll
2008 May 15
3
Bug#481306: logcheck-database: Request for new rule: "syslog-ng : Configuration reload"
Package: logcheck-database
Version: 1.2.63
Severity: wishlist
Hi,
Can you add rule to filter out following messages:
System Events
=-=-=-=-=-=-=
May 15 07:44:48 niko syslog-ng[21911]: Configuration reload request
received, reloading configuration;
Best regards
Andrei Emeltchenko
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (990, 'testing'),
2007 Jan 26
2
Bug#408557: logcheck-database: little fix for a cracklib rule
Package: logcheck-database
Severity: wishlist
Tags: patch
Please consider applying the attached patch.
Logcheck doesn't match lines like the following right now:
----
Jan 26 04:26:29 space-based cracklib: updated dictionary (read/written words: ).
----
/Armin
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'),
2009 Sep 06
1
Bug#545318: logcheck-database: please add rule for newgrp messages
Package: logcheck-database
Version: 1.2.69
Severity: wishlist
Hello,
when newgrp (part of the package login) is used, I see messages
like this in my syslog:
Aug 27 23:36:16 debian64 newgrp[1975]: user `root' (login `root' on tty1)
switched to group `backup'
Aug 27 19:28:15 srv1 newgrp[10082]: user `root' (login `mazur' on pts/1)
switched to group `backup'
Aug 27