similar to: Bug#463793: rsyslogd restarts are not ignored

Package: logcheck-database Version: 1.2.63 Severity: normal --- Please enter the report below this line. --- In fact, there does not appear to be any consideration of rsyslogd's behavior. Attached is a rule to ignore restarts. --- System information. --- Architecture: i386 Kernel: Linux 2.6.22-3-686 Debian Release: lenny/sid 990 testing ftp.debian.org 600 unstable

Package: logcheck-database Version: 1.2.68 Severity: minor openssh-server version 1:5.1p1-2 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAK-?IN ATTEMPT!$ should look like ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ \[[.[:alnum:]:]+\] failed -

Package: logcheck Version: 1.3.4 Severity: normal I am running debian/testing and just upgraded to logcheck 1.3.4 and it started reporting the error: mkdir: cannot create directory `/var/lock/logcheck': Permission denied I created the directory and chown'd it to logcheck and it seems fine now. Looking at the changelog, I see something was purposefully changed, so I imagine I

Hi, I'm quite a fan of logcheck and have been using it since setting up my sites, and I recently saw madduck's call for help on logcheck at debaday.[0] How can I help? [0] http://debaday.debian.net/2009/07/19/logcheck-brilliantly-simple-log-monitoring/ P.S. Please CC me on replies, thanks! -- Zak B. Elep -- 1486 7957 454D E529 E4F1 F75E 5787 B1FD FA53 851D I like the idea of 256

Package: logcheck Version: 1.3.3 Severity: wishlist Tags: patch Ali Saidi submitted rules for amd from the am-utils package to Ubuntu at https://bugs.launchpad.net/ubuntu/+source/logcheck/+bug/91438 The provided rules are located at: http://launchpadlibrarian.net/6728953/amd Please consider including them in the next release. I've asked where to put them, but it should probably the

Hi guys, now that violations.d/logcheck is empty, violations.ignore.d/logcheck-* are useless and many messages that were previously elevated and filtered there now turn up as system events. Thus, I went ahead and merged violations.ignore.d/logcheck-* into ignore.d.*/* in the viol-merge branch. http://git.debian.org/?p=logcheck/logcheck.git;a=shortlog;h=refs/heads/viol-merge Unless I hear

I have rules like this on my servers: ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[[:digit:].]{7,15}\]\) (- )USER [-_.[:alnum:]]+: no such user found from [._[:alnum:]-]+ \[[[:digit:].]{7,15}\]\ to [[:digit:].]{7,15}:21$ basically, I just don't care about logins as nonexistent users, I get so many of those that I don't even

Package: courier-imap-ssl,logcheck-database Severity: wishlist Please move /etc/logcheck/*/courier to the courier packages and out of logcheck-database. -- System Information: Debian Release: testing/unstable APT prefers stable APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked

apt-get install svn-buildpackage cat <<_eof >> ~/.svn-buildpackage.conf svn-lintian svn-linda svn-move _eof mkdir logcheck; cd logcheck svn co svn+ssh://svn.debian.org/svn/logcheck/logcheck/trunk cd trunk svn-buildpackage -k<your key ID> -rfakeroot man svn-buildpackage for more. Nice, huh? -- .''`. martin f. krafft <madduck at debian.org> : :' :

Package: logcheck-database Version: 1.3.13 Severity: wishlist Hi, scponly-full (using 4.8-4.1) in Debian is compiled with additional support for rsync, unison and SVN. However, the logcheck rule is based on the original version and doesn't include those commands in the regexp. Please add those three commands to the regexp. Best regards, Markus -- System Information: Debian Release:

Hi, I've got a few logcheck ignore.d rules that I'd like to submit, one example is sqlgrey. /usr/share/doc/logcheck/README.maintainer talks about shipping the rules inside the package itself, so I could file a request with sqlgrey. However, that doesn't work because of course I don't have all the packages I use on my network installed on my loghost. In fact, I believe that

Package: logcheck-database Version: 1.2.54 Severity: normal The included filters for cyrus (/etc/logcheck/ignore.d.server/cyrus) are very minimal. The cyrus-imapd-2.2 has a more extensive ruleset (there's a /etc/logcheck/ignore.d.server/cyrus2_2 file in that package). Please copy over the filters from cyrus-imapd-2.2. I'm running logcheck on a loghost, which doesn't run cyrus

Package: logcheck-database Version: 1.2.54 Severity: normal I recently created a bridge with the name xen-local. The DHCP server gets requests via this bridge. I got spammed with logcheck messages about DHCPREQUESTS and the lot because the name of the interface in the logcheck-database does not match on names with a dash in it. -- System Information: Debian Release: 4.0 APT prefers stable

Package: logcheck-database Version: 1.3.13 Severity: wishlist Hi, after upgrading Postfix from 2.7.1-1 to 2.8.1-1 (using testing) parts of the log format from postfix/smtpd have changed. This problem only seems to trigger when accepting connections in smtpd using XFORWARD (http://www.postfix.org/XFORWARD_README.html), for example when Amavisd-new reinjects mail to postfix. The new log lines

Package: logcheck-database Version: 1.2.63 Severity: wishlist Hi, Can you add rule to filter out following messages: System Events =-=-=-=-=-=-= May 15 07:44:48 niko syslog-ng[21911]: Configuration reload request received, reloading configuration; Best regards Andrei Emeltchenko -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'),

Package: logcheck Version: 1.2.69 Severity: normal logcheck is a "batchy" job, but currently runs at normal I/O priority, and is hard-coded to run with a niceness of 10. As a result logcheck can degrade interactive performance on machines with a lot of log traffic, relatively slow CPU or expensive I/O. It'd be useful if the "ionice" and "schedtool" utilities

I ran into the same problem after somebody uninstalled logcheck and I re-installed it. It turned out that the ownership of /var/lock/logcheck where root:root - sudo chown logcheck:logcheck /var/lock/logcheck solved it. I see that there already is a check for the permissions in the postinst which (as far as I can see) *should* have fixed the permissions and ownership there. When re-installing

Hello, I'm tasked with establishing a persistent SSH connection across a very unreliable link, for a remote port forward (always port 2217). I figured I'd use ServerAliveInterval to make sure that the ssh(1) process dies when the connection appears down, and I use systemd to restart it in this case. This works fine. What does not work fine, however, is the server-side. If the connection

Package: logcheck Severity: wishlist I see no reason why /etc/logcheck should have any more permissions than 0750. Please consider removing access rights from 'other'. -- System Information: Debian Release: testing/unstable APT prefers stable APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental') Architecture: i386 (i686)

Dear list, I am running dovecot 1.2.15 on a Debian server. One user reports continuous problems synchronising her mailbox via IMAP (offlineimap, via SSH tunnel or SSL socket). It seems that she has a large, locally-created message, but the uplink bandwidth seems to be not enough to push it before dovecot times out the APPEND command. The error/exception happens inside offlineimap's Python