Displaying 20 results from an estimated 3000 matches similar to: "Bug#580260: logcheck-database: dkim-filter needs tweak"
2008 Apr 28
1
Bug#478334: logcheck doesn't know about dkim-filter
Package: logcheck-database
Version: 1.2.63
> Apr 28 17:02:39 naam dkim-filter[15536]: 570BA180CE: bad signature data
> Apr 28 17:03:20 naam dkim-filter[15536]: A08D2180CE: bad signature data
> Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE SSL error:04077068:rsa routines:RSA_verify:bad signature
> Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE: bad signature data
> Apr 28
2006 Jul 07
0
Bug#377276: "Did not receive identification string" warning reappeared
Package: logcheck-database
Version: 1.2.45
Severity: normal
Tags: patch pending confirmed
My bad, sorry.
--- rulefiles/linux/ignore.d.server/ssh 6 Jul 2006 10:16:41 -0000 1.18
+++ rulefiles/linux/ignore.d.server/ssh 7 Jul 2006 19:35:19 -0000
@@ -10,7 +10,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: refused connect from [:[:alnum:].]+ \([:[:alnum:].]+\)$
^\w{3} [ :0-9]{11}
2007 Sep 23
0
Bug#443171: [PATCH] ignore acpid clients disconnecting
- ignore messages "acpid: client has disconnected"
Signed-off-by: Hanspeter Kunz <hp at edelkunz.ch>
---
rulefiles/linux/ignore.d.server/acpid | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/acpid b/rulefiles/linux/ignore.d.server/acpid
index 034ddf1..faebe1e 100644
--- a/rulefiles/linux/ignore.d.server/acpid
+++
2008 Jan 24
0
[PATCH] Re-enabled :port portion of "UDPv4 link" openvpn rule
I see that this openvpn rule has been modified to no longer attach the
":port" part to "[undef]" -- probably to reflect a recent change in
openvpn. Unfortunately, the rule no longer matches in etch, thus
breaking the backport.
Here's a patch to match both versions.
Signed-off-by: Fr?d?ric Bri?re <fbriere at fbriere.net>
---
rulefiles/linux/ignore.d.server/openvpn
2010 Jun 14
0
[PATCH] i.d.s/postfix: fixed policyd-weight patterns
At least the policyd-weight in lenny seems to generate quite different
patterns. For example the 'rate' is output multiple times in some
situations, the 'check from' is omited sometimes and somehow those log
messages have a trailing blank.
With those patterns logcheck stays silent again.
Signed-off-by: Mathias Krause <minipli at googlemail.com>
---
2010 May 17
1
Bug#582060: logcheck-database: bind network unreachable errors
Package: logcheck-database
Version: 1.3.8
Severity: normal
After double checking that I had the most up to date logcheck-database
:-) I am seeing these lines reported.
May 17 15:29:33 localhost named[1765]: error (network unreachable) resolving 'software.majix.org/A/IN': 2001:503:ba3e::2:30#53
I believe that this line was intended to match it.
^\w{3} [ :[:digit:]]{11}
2007 Sep 26
1
Bug#444097: /etc/logcheck/ignore.d.server/ddclient: 2 rules to get you started
Package: logcheck
Version: 1.2.62
Severity: wishlist
Here are two rules for ddclient, a client for dynamic IP services such
as DynDNS or DynIP:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: SUCCESS: updating [._[:alnum:]-]+: good: IP address set to [:[:xdigit:].]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[[:digit:]]+\]: WARNING: forcing update of [._[:alnum:]-]+ from
2008 Jan 24
0
[PATCH] Added "Re-using pre-shared static key" openvpn rule
Signed-off-by: Fr?d?ric Bri?re <fbriere at fbriere.net>
---
rulefiles/linux/ignore.d.server/openvpn | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/openvpn b/rulefiles/linux/ignore.d.server/openvpn
index 68ebf8f..c57e3cb 100644
--- a/rulefiles/linux/ignore.d.server/openvpn
+++ b/rulefiles/linux/ignore.d.server/openvpn
@@ -13,7 +13,7
2011 Dec 31
0
[PATCH] i.d.s/openvpn: support 'remote-cert-tls (server|client)'
From: Simon Deziel <simon.deziel at gmail.com>
Fixes LP: #806537
Signed-off-by: Simon Deziel <simon.deziel at gmail.com>
---
rulefiles/linux/ignore.d.server/openvpn | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/rulefiles/linux/ignore.d.server/openvpn b/rulefiles/linux/ignore.d.server/openvpn
index 2b4bfd6..d80f42f 100644
---
2007 Oct 03
1
Bug#445074: /etc/logcheck/ignore.d.server/ssh: Nasty PTR record
Package: logcheck-database
Version: 1.2.62
Severity: wishlist
File: /etc/logcheck/ignore.d.server/ssh
openssh issues a friendly warning when the remote IP maps back to a
hostname that looks just like an IP address. (For example, the address
206.251.174.31 currently maps back to the hostname "206.251.174.31".)
Here's a rule that filters out these unimportant messages:
^\w{3} [
2007 Oct 03
2
Bug#445072: /etc/logcheck/violations.ignore.d/logcheck-ssh: Failed password for ...
Package: logcheck-database
Version: 1.2.62
Severity: normal
File: /etc/logcheck/violations.ignore.d/logcheck-ssh
Somewhere between etch and now, ssh stopped reporting failed passwords
as "error: PAM: Authentication failure for foo", and switched to "Failed
password for foo", similar to what it already did for unknown users, but
without the "invalid user" part.
2011 Apr 16
0
Bug#623058: logcheck: tweak 'rsyslogd was HUPed' filter
Package: logcheck
Version: 1.3.13
Severity: minor
Tags: patch
Hi,
Logcheck reports messages of the form:
Mar 15 06:25:26 foohost rsyslogd: [origin software="rsyslogd" swVersion="5.7.6" x-pid="3301" x-info="http://www.rsyslog.com"] rsyslogd was HUPed
I suggest the following tweak to /etc/logcheck/ignore.d.server/rsyslog:
diff -u
2004 Oct 13
2
Bug#276317: logcheck-database: Namechange for ISC in /etc/logcheck/ignore.d.server/dhcp
Package: logcheck-database
Version: 1.2.28
Severity: normal
Hi,
the Internet Software Consortium changed the name to Internet Systems Consortium.
For a fix for the logcheck rules see the attachment.
-- System Information:
Debian Release: 3.0
APT prefers testing
APT policy: (600, 'testing'), (100, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel:
2008 Dec 25
1
Bug#509734: postfix: "submission" stats are not filtered out
Package: logcheck-database
Version: 1.2.54
/etc/logcheck/ignore.d.server/postfix specifies a filter rule to filter
out anvil statistic logging:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics:
max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for
\(([.:[:xdigit:]]+)?(smtp(s)?|25|587):[.:[:xdigit:]]+\) at \w{3} [
:0-9]{11}$
If Postfix on port 587 is configured
2006 Dec 19
0
Bug#403758: Logcheck rules for Snort
Package: logcheck-database
Hey,
I created a logcheck ignore file for Snort with stuff I don't
particularly want to see every day. The one line with the warning in it is
questionable, so leave it in or out at your discretion. Also, my regex
skills are not as good as they could be, so there are probably mistakes, or
things that could be simplified more. Rules are below:
^\w{3} [
2006 May 30
2
Bug#369603: logcheck-database: new rule for dhcpd
Package: logcheck-database
Version: 1.2.44
Severity: minor
Tags: patch
Hi,
This patch changes one rule for dhcpd. It adds support for log lines of the following format:
May 30 19:36:57 server dhcpd: DHCPACK to 10.10.10.10 (aa:bb:cc:dd:ee:ff) via eth1
Regards,
Robbert
--- /root/dhcp 2006-05-30 21:50:24.000000000 +0200
+++ dhcp 2006-05-30 23:27:06.000000000 +0200
@@ -18,7 +18,7 @@
2007 May 25
0
Bug#425967: logcheck-database: The patterns for courier-imap-ssl do not match imap, only imap-ssl
Package: logcheck-database
Version: 1.2.54
Severity: minor
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.2-dp0
Locale: LANG=de_DE at euro, LC_CTYPE=de_DE at euro (charmap=ISO-8859-15)
Versions of packages logcheck-database depends
2006 Jan 07
2
Bug#346350: logcheck-database: dhcp3-server ignores need to include (none ) client host name
Package: logcheck-database
Version: 1.2.39
Severity: normal
I use dhcp3-server and a dhcp client which is Sony HDD video recorder
CoCoon. The client not return client host name.
In this case, dhcpd server assumed the client host name is (none).
Therefor dhcpd output log described below.
> Jan 7 10:49:24 on-o dhcpd: DHCPDISCOVER from 08:00:46:33:55:77 ((none)) via eth0
> Jan 7 10:49:25
2010 Jul 28
1
Bug#590679: [logcheck-database] rules for ntpd
Package: logcheck-database
Severity: wishlist
Tags: patch
Hi,
some rules for ntpd as i couldn't find any:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: time reset
[+-]*[0-9]{1,2}\.[0-9]{6} s$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: synchronisation
lost$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: no servers
reachable$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+
2004 Jun 21
2
Bug#255560: logcheck-database: More Postfix rules
Package: logcheck-database
Version: 1.2.22a
Severity: normal
Thanks to the upgrade to Postfix 2.1 and deploying a newer logcheck
ruleset on a busier server I've found a bunch more rules for Postfix.
I've attached new rules files and patches are inline.
The following patch is for violations.ignore.d:
--- logcheck-postfix.orig 2004-06-21 20:11:14.000000000 +0100
+++ logcheck-postfix