similar to: Bug#499323: logcheck-database: Logcheck fails to ignore certain OpenVPN messages

Displaying 20 results from an estimated 3000 matches similar to: "Bug#499323: logcheck-database: Logcheck fails to ignore certain OpenVPN messages"

2006 May 21
2
Bug#368313: logcheck-database: new postfix violations ignore rule
Package: logcheck-database Version: 1.2.39 Severity: wishlist Hi, I'd like to add the following rule to /etc/logcheck/violations.ignore.d/logcheck-postfix : ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: NOQUEUE: reject: RCPT from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]: 554 <[._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]>:
2004 Oct 13
2
Bug#276317: logcheck-database: Namechange for ISC in /etc/logcheck/ignore.d.server/dhcp
Package: logcheck-database Version: 1.2.28 Severity: normal Hi, the Internet Software Consortium changed the name to Internet Systems Consortium. For a fix for the logcheck rules see the attachment. -- System Information: Debian Release: 3.0 APT prefers testing APT policy: (600, 'testing'), (100, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel:
2004 Oct 21
3
Bug#277636: logcheck-database: support for dnsmasq
Package: logcheck-database Version: 1.2.28 Severity: wishlist Could you add support for dnsmasq for the server profile? This is the standard dnsmasq output. ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dnsmasq\[[[:digit:]]+\]: read /etc/hosts - [[:digit:]]+ addresses$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dnsmasq\[[[:digit:]]+\]: reading /etc/resolv.conf$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+
2009 Jun 10
1
Bug#532719: logcheck-database: filter pam_env complaining about missing /etc/default/locale
Package: logcheck-database Version: 1.2.69 Severity: normal on systems without configured global locale, i get lines like this in the logcheck filtered logs: Jun 10 21:12:13 ... sshd[9729]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory this looks like a warning that is perfectly ok but does not do any harm and occurs because when no global locale
2005 Apr 02
3
Bug#302744: logcheck-database: postfix rules
Package: logcheck-database Version: 1.2.36 Severity: wishlist Hello, I recently blew away my old logcheck-databse and lost a number of changes that i had made to postfix entries. The default database for postfix reports the following errors that do not seem to be important... Apr 2 13:00:19 terminus postfix/local[29516]: 574B9B3B9F: to=<doug at localhost>, relay=local, delay=13,
2006 Jan 07
2
Bug#346350: logcheck-database: dhcp3-server ignores need to include (none ) client host name
Package: logcheck-database Version: 1.2.39 Severity: normal I use dhcp3-server and a dhcp client which is Sony HDD video recorder CoCoon. The client not return client host name. In this case, dhcpd server assumed the client host name is (none). Therefor dhcpd output log described below. > Jan 7 10:49:24 on-o dhcpd: DHCPDISCOVER from 08:00:46:33:55:77 ((none)) via eth0 > Jan 7 10:49:25
2009 May 04
1
Bug#526911: logcheck: Please set rsyslog as default system log daemon
Package: logcheck Version: 1.2.69 Severity: wishlist User: biebl at debian.org Usertags: goal-rsyslog Hi, since lenny, the default syslog daemon is rsyslog. Please update logcheck to depend on rsyslog | system-log-daemon so the correct default syslog daemon is installed. (btw, the optional | syslog-ng dependency is not required, as syslog-ng does provide system-log-daemon) Cheers, Michael --
2011 Jan 12
3
Bug#609649: cron-apt: Insufficient logcheck patterns
reassign 609649 logcheck-database thanks Hi On Wed, Jan 12, 2011 at 05:40:35PM +0100, Kiss Gabor (Bitman) wrote: > > Thanks for the suggestion, but are you sure that this is actually > > part of cron-apt? I can not find any logcheck rules in the cron-apt > > sources. > > Ooops! You are right, I missed the addressee. :-) > File /etc/logcheck/ignore.d.server/cron-apt
2009 Oct 17
1
Bug#551340: [logcheck-database] Rule in /etc/logcheck/violations.ignore.d/logcheck-su does not match
Package: logcheck-database Version: 1.2.69 Severity: normal Tags: patch Hi, I think that this rule: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-) (pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$ is supposed to filter out lines like: Oct 17 14:49:24 myhost su[13469]: + /dev/pts/1 user1:root It is not working because the pattern dos not include the "/dev/" part and
2005 Apr 29
3
Bug#303661: logcheck: More openntpd improvements
Package: logcheck Version: 1.2.39 Followup-For: Bug #303661 Attached is another entry that suppresses the adjustment messages -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11.7-grsec Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages logcheck depends on: ii
2004 Jun 11
4
Bug#253861: logcheck: Please add support for imapproxy
Package: logcheck Version: 1.2.22a Severity: wishlist There is no support for imapproxy, and it would be a great help if it was added. Following are two sample lines from the syslog: Jun 11 09:36:55 MyHost in.imapproxyd[30845]: LOGOUT: '"MyUser"' from server sd [13] Jun 11 09:37:02 MyHost in.imapproxyd[30846]: LOGIN: '"MyUser"' (xxx.xxx.xxx.xx:yyyyy) on
2005 Jul 11
3
Bug#317741: logcheck-database: fails to ignore properly some lines from 'rbldnsd'
Package: logcheck-database Version: 1.2.40 Severity: normal Tags: patch There are one line that is not properly ignored. I include in the report a better version. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (400, 'testing'), (300, 'unstable'), (200, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale:
2005 Jan 12
3
Bug#290195: violations.d/sudo and violations.ignore.d/logcheck-sudo missing sudo log entries
Package: logcheck Version: 1.2.32 Severity: normal It seems when someone runs a sudo command on my system, logcheck misses it. The second line of /etc/logcheck/violations.d/sudo matches them, but the /etc/logcheck/violations.ignore.d/logcheck-sudo kills them. Furthermore, when users run commands like '$ sudo rm *' in a directory with lots of files, we reports with lines like: Jan 13
2005 Mar 06
3
Bug#298291: logcheck-database: Printer out-of-paper reported
Package: logcheck-database Version: 1.2.34 Severity: minor I have parallel port attached printer and kernel reports whenever printer is out of paper: Mar 6 12:38:50 host kernel: lp0 out of paper However, this is not a situation that should be reported by default (IMHO) by logcheck sending report email. Thus I propose adding following line to ignore.d.workstation/logcheck (possibly to .server
2005 Jan 14
3
Bug#290511: logcheck: syslogd restart in cron.daily/sysklogd causes a log message
Package: logcheck Version: 1.2.32 Severity: wishlist /etc/cron.daily/sysklogd restarts syslogd at the end of the script. This causes a daily log message, currently missed by logcheck: Jan 14 06:55:22 pyloric syslogd 1.4.1#16: restart (remote reception). I'm currently using this regex in ignore.server.d/local-syslogd: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslogd 1\.4\.1#16: restart \(remote
2005 Feb 12
3
Bug#294950: logcheck: ignore.d.server courier imaplogin: DISCONNECTED not matching
Package: logcheck Version: 1.2.34 Severity: normal the ignore.d.server pattern for courier 'imaplogin: DISCONNECTED' does not match the following line: Feb 12 16:19:47 backup imaplogin: DISCONNECTED, user=example at example.com, ip=[::ffff:111.111.111.111], headers=14013, body=0, time=1 This line should be ignored like the other DISCONNECTED messages. Or am I wrong? -- System
2004 Jul 21
4
Bug#260743: logcheck-database: dhcp rule updates for failover support
Package: logcheck-database Version: 1.2.23 Severity: minor Hi, a couple of minor corrections to the dhcp rule sets: First of all, the hostname matching parts need to include the "._-" signs (maybe . is not needed but it might be). Then when using failover, log lines of type DHCPDISCOVER and DHCPREQUEST may be entailed by the string ": load balance to peer <somestring>".
2004 Aug 23
2
Bug#267587: logcheck-database: Additional rule needed for postfix
Package: logcheck-database Version: 1.2.25 Severity: normal postfix/smtpd\[[0-9]+\]: lost connection after (CONNECT|DATA|RCPT|RSET|EHLO|HELO|MAIL) from Please include the above line in the ignore.d/server/postfix file. That catches messages that occur very often on busy Postfix servers. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable')
2006 May 17
2
Bug#367781: logcheck-database: postfix/smtp read timeout (port 25) regexp wrong
Package: logcheck-database Version: 1.2.39 Severity: normal The rule for postfix/smtp read timeout (port 25) doesn't match the actual log message: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+ \[[.0-9]+\]: read timeout \(port 25\)$ A sample log line is: May 17 17:38:16 dp postfix/smtp[12256]: connect to smtpv1.ihs.gov[198.45.3.65]: read timeout (port
2004 Jul 11
2
Bug#254681: logcheck-database: su from cron job not necessarily to "nobody"
Package: logcheck-database Version: 1.2.23 Followup-For: Bug #254681 Please generalize "nobody" to "[_[:alnum:]-]+", as some cron jobs su to other users: Jul 11 06:51:16 tux su[10385]: + ??? root:hinfo Jul 11 06:57:25 tux su[29801]: + ??? root:www-data Thanks. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500,