Displaying 20 results from an estimated 4000 matches similar to: "Bug#509734: postfix: "submission" stats are not filtered out"
2007 Apr 09
3
Bug#418449: "submission" entry for ignore.d.server/postfix
Package: logcheck
Version: 1.2.54
When Postfix is configured to listen on port tcp/587 by uncommenting the
"submission" line in the postfix master.cf, logcheck does not ignore the
anvil statistics log entries - attached is a patch from the current SVN
trunk.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logcheck_1531.diff
Type: text/x-patch
Size:
2010 May 04
1
Bug#580260: logcheck-database: dkim-filter needs tweak
Package: logcheck-database
Version: 1.3.8
11 hex digits, and "no"
diff -ur logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter
--- logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter 2008-05-22 04:20:58.000000000 -0400
+++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter 2010-05-04
2007 Sep 26
1
Bug#444097: /etc/logcheck/ignore.d.server/ddclient: 2 rules to get you started
Package: logcheck
Version: 1.2.62
Severity: wishlist
Here are two rules for ddclient, a client for dynamic IP services such
as DynDNS or DynIP:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: SUCCESS: updating [._[:alnum:]-]+: good: IP address set to [:[:xdigit:].]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: WARNING: forcing update of [._[:alnum:]-]+ from
2007 Oct 03
1
Bug#445074: /etc/logcheck/ignore.d.server/ssh: Nasty PTR record
Package: logcheck-database
Version: 1.2.62
Severity: wishlist
File: /etc/logcheck/ignore.d.server/ssh
openssh issues a friendly warning when the remote IP maps back to a
hostname that looks just like an IP address. (For example, the address
206.251.174.31 currently maps back to the hostname "206.251.174.31".)
Here's a rule that filters out these unimportant messages:
^\w{3} [
2010 May 17
1
Bug#582060: logcheck-database: bind network unreachable errors
Package: logcheck-database
Version: 1.3.8
Severity: normal
After double checking that I had the most up to date logcheck-database
:-) I am seeing these lines reported.
May 17 15:29:33 localhost named[1765]: error (network unreachable) resolving 'software.majix.org/A/IN': 2001:503:ba3e::2:30#53
I believe that this line was intended to match it.
^\w{3} [ :[:digit:]]{11}
2006 Jul 07
0
Bug#377276: "Did not receive identification string" warning reappeared
Package: logcheck-database
Version: 1.2.45
Severity: normal
Tags: patch pending confirmed
My bad, sorry.
--- rulefiles/linux/ignore.d.server/ssh 6 Jul 2006 10:16:41 -0000 1.18
+++ rulefiles/linux/ignore.d.server/ssh 7 Jul 2006 19:35:19 -0000
@@ -10,7 +10,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$
^\w{3} [ :0-9]{11}
2007 Oct 03
2
Bug#445072: /etc/logcheck/violations.ignore.d/logcheck-ssh: Failed password for ...
Package: logcheck-database
Version: 1.2.62
Severity: normal
File: /etc/logcheck/violations.ignore.d/logcheck-ssh
Somewhere between etch and now, ssh stopped reporting failed passwords
as "error: PAM: Authentication failure for foo", and switched to "Failed
password for foo", similar to what it already did for unknown users, but
without the "invalid user" part.
2008 Apr 25
1
Bug#477932: logcheck-database: bind with views - messages not filtered
Package: logcheck-database
Version: 1.2.54
Severity: normal
Tags: patch
When views are used in bind, the logcheck filters don't catch the common
informational log messages.
Added regex bits to the filter definitions.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel:
2008 Jan 24
0
[PATCH] Re-enabled :port portion of "UDPv4 link" openvpn rule
I see that this openvpn rule has been modified to no longer attach the
":port" part to "[undef]" -- probably to reflect a recent change in
openvpn. Unfortunately, the rule no longer matches in etch, thus
breaking the backport.
Here's a patch to match both versions.
Signed-off-by: Fr?d?ric Bri?re <fbriere at fbriere.net>
---
rulefiles/linux/ignore.d.server/openvpn
2007 Mar 04
0
Bug#413364: logcheck ignores cron rules for "session closed" and "session opened"
Package: logcheck
Version: 1.2.54
Severity: normal
In the file ignore.d.paranoid/cron there are the rules
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by \(uid=[0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(pam_[[:alnum:]]+\) session closed for user [[:alnum:]-]+$
to ignore lines like
10:17:01 at 04-03-2007 tooar
2007 Feb 28
0
Bug#330220: Permissions of /var/lock/logcheck not conducive to logcheck user writing to it
Package: logcheck
Version: 1.2.54
Followup-For: Bug #330220
root at ns2:/# ls -l /var/lock/
total 4
drwxr-xr-x 2 root root 4096 2007-01-30 15:40 logcheck
I think chmod 775 on that file would fix this problem...
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked
2007 Jun 11
0
Bug#428428: patch for cron ignore rule
Package: logcheck
Version: 1.2.54
Severity: normal
Tags: patch
On my system, this ignore rule needs /usr/bin/ in front of the cron command, or the rule fails to match.
hostname:/etc/logcheck/ignore.d.server# diff cron cron.old
1c1
< ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (/usr/bin/)?crontab\[[0-9]+\]: \([[:alnum:]-]+\) LIST \([[:alnum:]-]+\)$
---
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+
2007 Jul 04
1
Bug#425035: hylafax-server: missing logcheck rule
package hylafax-server
reassign 425035 logcheck-database 1.2.56
thanks
I am reassigning this bug report since the hylafax logcheck rule is
distributed in package logcheck-database.
Bye,
Giuseppe
2010 Jun 14
0
[PATCH] i.d.s/postfix: fixed policyd-weight patterns
At least the policyd-weight in lenny seems to generate quite different
patterns. For example the 'rate' is output multiple times in some
situations, the 'check from' is omited sometimes and somehow those log
messages have a trailing blank.
With those patterns logcheck stays silent again.
Signed-off-by: Mathias Krause <minipli at googlemail.com>
---
2007 Sep 14
2
Bug#442244: logcheck-database: should include the filters from cyrus-imapd-2.2
Package: logcheck-database
Version: 1.2.54
Severity: normal
The included filters for cyrus (/etc/logcheck/ignore.d.server/cyrus) are very minimal. The cyrus-imapd-2.2 has a more
extensive ruleset (there's a /etc/logcheck/ignore.d.server/cyrus2_2 file in that package).
Please copy over the filters from cyrus-imapd-2.2. I'm running logcheck on a loghost, which doesn't run cyrus
2007 Nov 25
1
Bug#452879: Logcheck doesn't ignore smbd_audit logs
Package: Logcheck
Version: 1.2.54
Distro: Debian Etch (stable)
Kernel: 2.6.18-5-686 #1 SMP
I'm trying to force logcheck (reportlevel=server) to ignore smbd_audit logs.
smbd_audit is a vfs module of samba. It writes logs into /var/log/syslog file.
Typical log looks like this:
Oct 24 08:36:14 server4 smbd_audit: Documents|Johnson|192.168.50.19|unlink
ok|Projects/doc1.pdf
I've added the
2007 May 07
0
Bug#422618: logcheck-database: crontab should be /usr/bin/crontab
Package: logcheck-database
Version: 1.2.54
Severity: normal
Hello,
it seems crontab reports it's whole path in syslog :
May 6 16:00:03 eckmul /usr/bin/crontab[9722]: (root) LIST (nobody)
I don't have other messages from it in my logs, so I can't comment on
the other lines in /etc/logcheck/ignore.d.server/cron , but I had to
modify the LIST one with /usr/bin/crontab
Thanks,
--
2008 Sep 17
2
Bug#499323: logcheck-database: Logcheck fails to ignore certain OpenVPN messages
Package: logcheck-database
Version: 1.2.54
Severity: normal
Tags: patch
Logcheck fails to ignore certain lines generated by OpenVPN; the attached patch
fixes several regular expressions:
* OpenVPN does not print the full path to ifconfig or route (at least here)
* The interface name can also contain dots and does not always start with "tun"
* The startup messages now gets suppressed
2007 Sep 23
0
Bug#443171: [PATCH] ignore acpid clients disconnecting
- ignore messages "acpid: client has disconnected"
Signed-off-by: Hanspeter Kunz <hp at edelkunz.ch>
---
rulefiles/linux/ignore.d.server/acpid | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/acpid b/rulefiles/linux/ignore.d.server/acpid
index 034ddf1..faebe1e 100644
--- a/rulefiles/linux/ignore.d.server/acpid
+++
2007 May 25
0
Bug#425967: logcheck-database: The patterns for courier-imap-ssl do not match imap, only imap-ssl
Package: logcheck-database
Version: 1.2.54
Severity: minor
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.2-dp0
Locale: LANG=de_DE at euro, LC_CTYPE=de_DE at euro (charmap=ISO-8859-15)
Versions of packages logcheck-database depends