Displaying 20 results from an estimated 3000 matches similar to: "Bug#499323: logcheck-database: Logcheck fails to ignore certain OpenVPN messages"
2006 May 21
2
Bug#368313: logcheck-database: new postfix violations ignore rule
Package: logcheck-database
Version: 1.2.39
Severity: wishlist
Hi,
I'd like to add the following rule to /etc/logcheck/violations.ignore.d/logcheck-postfix :
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: NOQUEUE: reject: RCPT from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]: 554 <[._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]>:
2004 Oct 13
2
Bug#276317: logcheck-database: Namechange for ISC in /etc/logcheck/ignore.d.server/dhcp
Package: logcheck-database
Version: 1.2.28
Severity: normal
Hi,
the Internet Software Consortium changed the name to Internet Systems Consortium.
For a fix for the logcheck rules see the attachment.
-- System Information:
Debian Release: 3.0
APT prefers testing
APT policy: (600, 'testing'), (100, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel:
2004 Oct 21
3
Bug#277636: logcheck-database: support for dnsmasq
Package: logcheck-database
Version: 1.2.28
Severity: wishlist
Could you add support for dnsmasq for the server profile?
This is the standard dnsmasq output.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dnsmasq\[[[:digit:]]+\]: read /etc/hosts - [[:digit:]]+ addresses$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dnsmasq\[[[:digit:]]+\]: reading /etc/resolv.conf$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+
2009 Jun 10
1
Bug#532719: logcheck-database: filter pam_env complaining about missing /etc/default/locale
Package: logcheck-database
Version: 1.2.69
Severity: normal
on systems without configured global locale, i get lines like this in
the logcheck filtered logs:
Jun 10 21:12:13 ... sshd[9729]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
this looks like a warning that is perfectly ok but does not do any harm
and occurs because when no global locale
2005 Apr 02
3
Bug#302744: logcheck-database: postfix rules
Package: logcheck-database
Version: 1.2.36
Severity: wishlist
Hello,
I recently blew away my old logcheck-databse and lost a number of changes that i had made to postfix entries. The default database for postfix reports the
following errors that do not seem to be important...
Apr 2 13:00:19 terminus postfix/local[29516]: 574B9B3B9F: to=<doug at localhost>, relay=local, delay=13,
2006 Jan 07
2
Bug#346350: logcheck-database: dhcp3-server ignores need to include (none ) client host name
Package: logcheck-database
Version: 1.2.39
Severity: normal
I use dhcp3-server and a dhcp client which is Sony HDD video recorder
CoCoon. The client not return client host name.
In this case, dhcpd server assumed the client host name is (none).
Therefor dhcpd output log described below.
> Jan 7 10:49:24 on-o dhcpd: DHCPDISCOVER from 08:00:46:33:55:77 ((none)) via eth0
> Jan 7 10:49:25
2009 May 04
1
Bug#526911: logcheck: Please set rsyslog as default system log daemon
Package: logcheck
Version: 1.2.69
Severity: wishlist
User: biebl at debian.org
Usertags: goal-rsyslog
Hi,
since lenny, the default syslog daemon is rsyslog. Please update
logcheck to depend on
rsyslog | system-log-daemon
so the correct default syslog daemon is installed.
(btw, the optional | syslog-ng dependency is not required, as syslog-ng
does provide system-log-daemon)
Cheers,
Michael
--
2011 Jan 12
3
Bug#609649: cron-apt: Insufficient logcheck patterns
reassign 609649 logcheck-database
thanks
Hi
On Wed, Jan 12, 2011 at 05:40:35PM +0100, Kiss Gabor (Bitman) wrote:
> > Thanks for the suggestion, but are you sure that this is actually
> > part of cron-apt? I can not find any logcheck rules in the cron-apt
> > sources.
>
> Ooops! You are right, I missed the addressee. :-)
> File /etc/logcheck/ignore.d.server/cron-apt
Bug#551340: [logcheck-database] Rule in /etc/logcheck/violations.ignore.d/logcheck-su does not match
2009 Oct 17
1
Bug#551340: [logcheck-database] Rule in /etc/logcheck/violations.ignore.d/logcheck-su does not match
Package: logcheck-database
Version: 1.2.69
Severity: normal
Tags: patch
Hi,
I think that this rule:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-)
(pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$
is supposed to filter out lines like:
Oct 17 14:49:24 myhost su[13469]: + /dev/pts/1 user1:root
It is not working because the pattern dos not include the "/dev/" part
and
2005 Apr 29
3
Bug#303661: logcheck: More openntpd improvements
Package: logcheck
Version: 1.2.39
Followup-For: Bug #303661
Attached is another entry that suppresses the adjustment messages
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11.7-grsec
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages logcheck depends on:
ii
2004 Jun 11
4
Bug#253861: logcheck: Please add support for imapproxy
Package: logcheck
Version: 1.2.22a
Severity: wishlist
There is no support for imapproxy, and it would be a great help if it
was added. Following are two sample lines from the syslog:
Jun 11 09:36:55 MyHost in.imapproxyd[30845]: LOGOUT: '"MyUser"' from
server sd [13]
Jun 11 09:37:02 MyHost in.imapproxyd[30846]: LOGIN: '"MyUser"'
(xxx.xxx.xxx.xx:yyyyy) on
2005 Jul 11
3
Bug#317741: logcheck-database: fails to ignore properly some lines from 'rbldnsd'
Package: logcheck-database
Version: 1.2.40
Severity: normal
Tags: patch
There are one line that is not properly ignored. I include in the report
a better version.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (400, 'testing'), (300, 'unstable'), (200, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale:
2005 Jan 12
3
Bug#290195: violations.d/sudo and violations.ignore.d/logcheck-sudo missing sudo log entries
Package: logcheck
Version: 1.2.32
Severity: normal
It seems when someone runs a sudo command on my system, logcheck misses
it.
The second line of /etc/logcheck/violations.d/sudo matches them, but
the /etc/logcheck/violations.ignore.d/logcheck-sudo kills them.
Furthermore, when users run commands like '$ sudo rm *' in a directory
with lots of files, we reports with lines like:
Jan 13
2005 Mar 06
3
Bug#298291: logcheck-database: Printer out-of-paper reported
Package: logcheck-database
Version: 1.2.34
Severity: minor
I have parallel port attached printer and kernel reports whenever
printer is out of paper:
Mar 6 12:38:50 host kernel: lp0 out of paper
However, this is not a situation that should be reported by default
(IMHO) by logcheck sending report email. Thus I propose adding
following line to ignore.d.workstation/logcheck (possibly to .server
2005 Jan 14
3
Bug#290511: logcheck: syslogd restart in cron.daily/sysklogd causes a log message
Package: logcheck
Version: 1.2.32
Severity: wishlist
/etc/cron.daily/sysklogd restarts syslogd at the end of the script.
This causes a daily log message, currently missed by logcheck:
Jan 14 06:55:22 pyloric syslogd 1.4.1#16: restart (remote reception).
I'm currently using this regex in ignore.server.d/local-syslogd:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslogd 1\.4\.1#16: restart \(remote
2005 Feb 12
3
Bug#294950: logcheck: ignore.d.server courier imaplogin: DISCONNECTED not matching
Package: logcheck
Version: 1.2.34
Severity: normal
the ignore.d.server pattern for courier 'imaplogin: DISCONNECTED' does
not match the following line:
Feb 12 16:19:47 backup imaplogin: DISCONNECTED,
user=example at example.com, ip=[::ffff:111.111.111.111],
headers=14013, body=0, time=1
This line should be ignored like the other DISCONNECTED messages. Or am
I wrong?
-- System
2004 Jul 21
4
Bug#260743: logcheck-database: dhcp rule updates for failover support
Package: logcheck-database
Version: 1.2.23
Severity: minor
Hi,
a couple of minor corrections to the dhcp rule sets:
First of all, the hostname matching parts need to include the "._-"
signs (maybe . is not needed but it might be).
Then when using failover, log lines of type DHCPDISCOVER and DHCPREQUEST
may be entailed by the string ": load balance to peer <somestring>".
2004 Aug 23
2
Bug#267587: logcheck-database: Additional rule needed for postfix
Package: logcheck-database
Version: 1.2.25
Severity: normal
postfix/smtpd\[[0-9]+\]: lost connection after (CONNECT|DATA|RCPT|RSET|EHLO|HELO|MAIL) from
Please include the above line in the ignore.d/server/postfix file. That
catches messages that occur very often on busy Postfix servers.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
2006 May 17
2
Bug#367781: logcheck-database: postfix/smtp read timeout (port 25) regexp wrong
Package: logcheck-database
Version: 1.2.39
Severity: normal
The rule for postfix/smtp read timeout (port 25) doesn't match the
actual log message:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+ \[[.0-9]+\]: read timeout \(port 25\)$
A sample log line is:
May 17 17:38:16 dp postfix/smtp[12256]: connect to smtpv1.ihs.gov[198.45.3.65]: read timeout (port
2004 Jul 11
2
Bug#254681: logcheck-database: su from cron job not necessarily to "nobody"
Package: logcheck-database
Version: 1.2.23
Followup-For: Bug #254681
Please generalize "nobody" to "[_[:alnum:]-]+", as some cron jobs
su to other users:
Jul 11 06:51:16 tux su[10385]: + ??? root:hinfo
Jul 11 06:57:25 tux su[29801]: + ??? root:www-data
Thanks.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500,