Displaying 20 results from an estimated 1000 matches similar to: "Bug#445074: /etc/logcheck/ignore.d.server/ssh: Nasty PTR record"
2007 Sep 26
1
Bug#444097: /etc/logcheck/ignore.d.server/ddclient: 2 rules to get you started
Package: logcheck
Version: 1.2.62
Severity: wishlist
Here are two rules for ddclient, a client for dynamic IP services such
as DynDNS or DynIP:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: SUCCESS: updating [._[:alnum:]-]+: good: IP address set to [:[:xdigit:].]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: WARNING: forcing update of [._[:alnum:]-]+ from
2007 Oct 03
2
Bug#445072: /etc/logcheck/violations.ignore.d/logcheck-ssh: Failed password for ...
Package: logcheck-database
Version: 1.2.62
Severity: normal
File: /etc/logcheck/violations.ignore.d/logcheck-ssh
Somewhere between etch and now, ssh stopped reporting failed passwords
as "error: PAM: Authentication failure for foo", and switched to "Failed
password for foo", similar to what it already did for unknown users, but
without the "invalid user" part.
2007 Sep 24
3
Bug#443886: /etc/logcheck/ignore.d.server/proftpd: [proftpd] Refused user $USER for service $FOO
Package: logcheck-database
Version: 1.2.61
Severity: wishlist
File: /etc/logcheck/ignore.d.server/proftpd
Two weeks ago, I got a rush of these:
Sep 8 12:37:07 goretex proftpd: PAM-listfile: Refused user news for service proftpd
(Apparently, fail2ban managed to miss those.)
This is triggered by pam_listfile, which is used by proftpd (and other
FTP daemons) to block users listed in
2008 Mar 15
1
Bug#471072: logcheck-database: Moving most of violations.ignore.d to ignore.d.*
Package: logcheck-database
Version: 1.2.63
Severity: normal
Given that violations.d/logcheck has been emptied by
2394562ab4a13c4510c671f01ffc8f35e97f1cd3, shouldn't most of
violations.ignore.d be moved to one of ignore.d.*? AIUI, all of these
are currently rendered useless.
(I'll gladly lend a hand; I just want to make sure this is the right
thing to do.)
-- System Information:
Debian
2007 Oct 06
1
Bug#445537: logcheck: Kein Deutsch in config Dateien bitte
Package: logcheck
Version: 1.2.62
Severity: minor
# Send the results as attachment or not.
# 0=not as attachment; 1=as attachment
# Default ist 0
^^^
MAILASATTACH=0
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.23-rc8+cfs (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8,
2005 Jun 07
2
Bug#312376: /etc/logcheck/logcheck.ignore is no longer read
Package: logcheck
Version: 1.2.39
Severity: normal
Since I've upgraded my servers to sarge, I'm getting mail every hour for
stuff that was duly included in /etc/logcheck/logcheck.ignore. Turns
out that sarge's version no longer reads that file.
If this was a conscious decision, then there should be some warning
about this when upgrading (via debconf of NEWS.Debian). Also, the
2008 Mar 05
1
Bug#445072: setting package to logcheck-database logtail logcheck, tagging 444097, tagging 445069, tagging 444096 ... ... ... ... ... ... ...
# Automatically generated email from bts, devscripts version 2.10.18.1
#
# logcheck (1.2.64) unstable; urgency=low
#
# * ignore.d.server/bind:
# - moved "[bind] query $FOO denied" rule to violations.ignore.d
# (closes: #443881).
# - added bind's "AXFR ended" rule alongside "AXFR started"
# (closes: #445046).
# - added "adding an
2010 May 17
1
Bug#582060: logcheck-database: bind network unreachable errors
Package: logcheck-database
Version: 1.3.8
Severity: normal
After double checking that I had the most up to date logcheck-database
:-) I am seeing these lines reported.
May 17 15:29:33 localhost named[1765]: error (network unreachable) resolving 'software.majix.org/A/IN': 2001:503:ba3e::2:30#53
I believe that this line was intended to match it.
^\w{3} [ :[:digit:]]{11}
2008 Apr 25
1
Bug#477932: logcheck-database: bind with views - messages not filtered
Package: logcheck-database
Version: 1.2.54
Severity: normal
Tags: patch
When views are used in bind, the logcheck filters don't catch the common
informational log messages.
Added regex bits to the filter definitions.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel:
2008 Feb 09
1
Bug#464896: logcheck-database: ignore Postfix bad address syntax errors from postfix/error
Package: logcheck-database
Version: 1.2.63
Severity: wishlist
Tags: patch
The bad address syntax bounce message was previously logged by
postfix/qmgr, but in the current version of Postfix in lenny is
(at least sometimes) logged by postfix/error instead.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1,
2008 Apr 28
1
Bug#478334: logcheck doesn't know about dkim-filter
Package: logcheck-database
Version: 1.2.63
> Apr 28 17:02:39 naam dkim-filter[15536]: 570BA180CE: bad signature data
> Apr 28 17:03:20 naam dkim-filter[15536]: A08D2180CE: bad signature data
> Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE SSL error:04077068:rsa routines:RSA_verify:bad signature
> Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE: bad signature data
> Apr 28
2008 Apr 06
1
Bug#474606: logcheck: add a filter for r300 microcode
Package: logcheck
Version: 1.2.63
Severity: normal
Hi,
I have just installed logcheck and it works out of the box! thx for
that!
I just notice that in the /etc/logcheck/ignore.d.workstation/kernel
file there is a filter for "[drm] Loading r200 Microcode". COuld you
add please the same for the r300. The log message is the same :
Apr 6 19:21:14 debian kernel: [drm] Loading R300
2007 Oct 29
1
Bug#448510: logcheck-database: revised pattern for spamd
Package: logcheck-database
Version: 1.2.63
Severity: normal
Tags: patch
spamassassin is now reporting Unix domain sockets in the rport field.
I'm not exactly sure what changed to cause this to happen; it started
after an upgrade whose only remotely relevant package was razor.
I think the following pattern in ignore.d.server/spamd will work
^\w{3} [ :0-9]{11} [._[:alnum:]-]+
2009 Aug 18
2
Bug#542265: sendmail-base and logcheck-database: error when trying to install together
Package: logcheck-database,sendmail-base
Version: logcheck-database/1.2.69
Version: sendmail-base/8.14.3-9
Severity: serious
User: treinen at debian.org
Usertags: edos-file-overwrite
Date: 2009-08-18
Architecture: amd64
Distribution: sid
Hi,
automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the
2008 Feb 04
0
Bug#445074: [PATCH] Ignore "Nasty PTR record" messages from openssh (closes: #445074)
---
rulefiles/linux/ignore.d.server/ssh | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 31e8a3f16090172b7d6659a0b370536fcfcaab85.diff
Type: text/x-patch
Size: 763 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20080203/2ea1485c/attachment.bin
2010 May 04
1
Bug#580260: logcheck-database: dkim-filter needs tweak
Package: logcheck-database
Version: 1.3.8
11 hex digits, and "no"
diff -ur logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter
--- logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter 2008-05-22 04:20:58.000000000 -0400
+++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter 2010-05-04
2008 Dec 27
2
Bug#509885: does not cleanly update from logtail2
Package: logtail
Version: 1.2.68
Severity: normal
Hi,
logtail does not cleanly update from logtail2:
$ sudo dpkg --install /var/cache/apt/archives/logtail_1.2.68_all.deb
(Reading database ... 26564 files and directories currently installed.)
Unpacking logtail (from .../logtail_1.2.68_all.deb) ...
dpkg: error processing /var/cache/apt/archives/logtail_1.2.68_all.deb (--install):
trying to
2008 Mar 14
5
Bug#470929: dhcp: interface names can have dash in them
Package: logcheck-database
Version: 1.2.54
Severity: normal
I recently created a bridge with the name xen-local. The DHCP server gets requests
via this bridge.
I got spammed with logcheck messages about DHCPREQUESTS and the lot because the name
of the interface in the logcheck-database does not match on names with a dash in it.
-- System Information:
Debian Release: 4.0
APT prefers stable
2009 Apr 07
1
Bug#515156: Same bug after removal + reinstall
I ran into the same problem after somebody uninstalled logcheck and I
re-installed it.
It turned out that the ownership of /var/lock/logcheck where root:root -
sudo chown logcheck:logcheck /var/lock/logcheck solved it.
I see that there already is a check for the permissions in the postinst
which (as far as I can see) *should* have fixed the permissions and
ownership there.
When re-installing
2008 May 15
1
Bug#471936: setting package to logcheck-database logtail logcheck, tagging 473619, tagging 478334, tagging 472368 ...
# Automatically generated email from bts, devscripts version 2.10.27
#
# logcheck (1.2.64) unstable; urgency=low
#
# * ignore.d.server/dhcp
# - Adding dhcp rules for DNS updates by ddns_remove_a()
# (closes: #459875, #472368)
# - Added dhcp "removed reverse map" rule, which occurs on DHCPRELEASE.
# * ignore.d.server/spamd
# - deal with socket connections by e.g. evolution