similar to: Processed: reassign 583155 to logcheck

Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch mavisd-new uses SPAMMY since 2.4.1: http://www.mail-archive.com/amavis-user at lists.sourceforge.net/msg05055.html patch attached. -- System Information: Debian Release: 6.0.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux

Package: logcheck-database Version: 1.3.8 Severity: wishlist HI, can you please create a rule/some rules for amavis(d-new). I get for every mail this mesage: May 25 19:55:40 data amavis[9603]: (09603-15) Passed CLEAN, [::1] [213.165.64.22] <xxx at yyy.zz> -> \ <aaa at localhost>, Message-ID: <20100525175015.29677page1 at mx002.bbb.ccc>, mail_id: MM7upJv6se1Z, \ Hits:

Package: logcheck-database Version: 1.3.8 Severity: normal After double checking that I had the most up to date logcheck-database :-) I am seeing these lines reported. May 17 15:29:33 localhost named[1765]: error (network unreachable) resolving 'software.majix.org/A/IN': 2001:503:ba3e::2:30#53 I believe that this line was intended to match it. ^\w{3} [ :[:digit:]]{11}

Package: logcheck Version: 1.2.69 The current ruleset "kernel" provided with this logcheck package don't match entries where the kernel timeline has leading spaces, like: [ 42.302707] For example, the following entry: Feb 4 17:05:24 hostname kernel: [ 144.591487] tun: Universal TUN/TAP device driver, 1.6 didn't matched the re: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+

Package: logcheck-database Version: 1.2.69 Severity: normal Tags: patch kernel log lines of the form: ...kernel: [1933150.816604] TCP: Treason uncloaked! Peer 0000:0000:0000:0000:0000:ffff:d04e:3f6b:4038/80 shrinks window 2491430013:2491430014. Repaired. are not caught by the current rules. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500,

Package: logcheck Version: 1.3.5 Severity: minor Hi, reading logcheck source it seems that it requires nail for MAILATTACH to work, however it is not suggested/recommended. (JFTR it is debatable if nail is appropriate or something else should be used) thanks, filippo -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500,

Package: logcheck Version: 1.3.3 Severity: normal Tags: patch User: ubuntu-devel at lists.ubuntu.com Usertags: origin-ubuntu karmic ubuntu-patch As reported in https://launchpad.net/bugs/307847: recent dhclient includes the ip address it is releasing and renewing. ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhclient(-2.2.x)?: DHCP(NAK|ACK|OFFER) from [.0-9]{7,15}$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+

Package: logcheck-database Version: 1.3.5 Severity: normal Hi, I was having a look at logcheck and why I received a "verification failed: Temporary failure in name resolution" as a _system_ message. Turns out that since violations.d/logcheck is empty now, most of the rules in violations.ignore.d look quite useless, can you confirm? I suspect that a big part of those rules should be

Package: logcheck Version: 1.2.69 Severity: normal In the file /etc/logcheck/ignore.d.server/wu-ftpd ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ should be ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd\[[0-9]{4}\]: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ There is a number after "wu-ftpd" -- System

Package: logcheck Version: 1.3.13 Severity: minor Tags: patch In Lenny it was possible to use wildcards in logcheck.logfiles. For example, I used: /var/log/HOSTS/*/*.log root at durer:~# su -s /bin/bash -c "bash -x /usr/sbin/logcheck" logcheck <cut> + read file + logoutput '/var/log/HOSTS/*/*.log' + file='/var/log/HOSTS/*/*.log' + debug 'logoutput called

Package: logcheck-database Version: 1.2.69 Severity: normal File: /etc/logcheck/ignore.d.server/dnsmasq A dnsmasq log about DHCP events has the interface name in it. Interface names are allowed to have a dash (-) in them, but the logcheck filter does not have the dash in it. Please add the dash. -- System Information: Debian Release: 5.0.7 APT prefers stable APT policy: (500,

Package: logcheck-database Severity: wishlist Tags: patch Hi, some rules for ntpd as i couldn't find any: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: time reset [+-]*[0-9]{1,2}\.[0-9]{6} s$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: synchronisation lost$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: no servers reachable$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+

Package: logcheck-database Version: 1.2.69 Severity: wishlist Hello, when newgrp (part of the package login) is used, I see messages like this in my syslog: Aug 27 23:36:16 debian64 newgrp[1975]: user `root' (login `root' on tty1) switched to group `backup' Aug 27 19:28:15 srv1 newgrp[10082]: user `root' (login `mazur' on pts/1) switched to group `backup' Aug 27

Package: logcheck-database Version: 1.2.69 Severity: wishlist Please add the rule ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/bounce\[[[:digit:]]+\]: [:alnum:]+: sender delay notification: [:alnum:]+$ -- System Information: Debian Release: 5.0.5 APT prefers stable APT policy: (700, 'stable'), (650, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP

Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch After upgrading to debian squeeze I get several messages a day in the form of: Jul 2 15:05:15 hostname spamd[21286]: spamd: handled cleanup of child pid [28609] due to SIGCHLD: exit 0 This is due to an update in spamd, that makes the message more detailed (includes exit code)[1]. Therefore messages including exit code 0

Your message dated Thu, 08 Sep 2011 14:48:50 +0000 with message-id <E1R1fuM-0008SF-9f at franck.debian.org> and subject line Bug#639839: fixed in logcheck 1.3.14 has caused the Debian Bug report #639839, regarding amavisd-new: logcheck "Passed: CLEAN|SPAM" doesn't work because mail-id can contain "-" to be marked as done. This means that you claim that the problem

Package: logcheck Version: 1.2.69 Severity: normal Tags: patch Logcheck's reports contains many messages like: Feb 7 19:03:57 srv dhcpd: DHCPREQUEST for 172.21.0.126 from 00:19:7e:9f:cc:32 (Hostname Unsuitable for Printing) via eth0 Feb 7 19:03:57 srv dhcpd: DHCPACK on 172.21.0.126 to 00:19:7e:9f:cc:32 (Hostname Unsuitable for Printing) via eth0 I create file

Package: logcheck Version: 1.3.7 Severity: normal After installing logcheck on a system it posted an error to the cron mail address hourly. An untrapped script error was posting stderr output to cron. It originated here: # Hostname either fully qualified or not. if [ $FQDN -eq 1 ]; then HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1 else

Processing commands for control at bugs.debian.org: > # fixed in 82f86001 > tags 624197 + pending Bug #624197 [logcheck-database] logcheck-database: update for amavisd-new SPAMMY log entries Added tag(s) pending. > -- Stopping processing here. Please contact me if you need assistance. -- 624197: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624197 Debian Bug Tracking System Contact

Package: logcheck-database Version: 1.2.69 Severity: wishlist (also in version 1.3.10~bpo50+1) Please update the rules for webmin -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ webmin\[[0-9]+\]: Timeout of [[:alnum:]]+$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ webmin\[[0-9]+\]: Timeout of( session for)? [[:alnum:]]+$ (Webmin is version 1.517 from virtualmin.com, if that matters) - Tim