similar to: /usr/sbin/logcheck: line 100: kill: (24333) - No such process

Package: logcheck Version: 1.3.14 Severity: normal Tags: patch I keep getting these messages logged, when under high load. This patch should clean that up. commit 72661acccafa519fcb48a6a756e5c35d96e7511d Author: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com> Date: Fri Jan 27 16:08:33 2012 +0100 Workaround for error: /usr/sbin/logcheck: line 100: kill: (31667)

Package: logcheck Version: 1.3.13 Severity: normal Hi, at present my logcheck is into 33 minutes of cpu time for running the ignore/innd rule, when the innd package is not installed. If running logcheck against only locally created logfiles, there should be a configuration option to only run logcheck against installed (or non-purged) packages. -- System Information: Debian Release: squeeze/sid

Package: logcheck Version: 1.3.13 Severity: normal Various files under ignore.d.* use "[0-9.]{7,15}" to match an IPv4 address, e.g., a connection to rsyncd. However, this does not match IPv6 addresses, causing spurious reports. A better regexp might be something like: ([0-9.]{7,15}|[0-9a-f:]{2,39}) -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (990,

Package: logcheck Version: 1.3.13 Severity: minor Tags: patch Hi, Logcheck reports messages of the form: Mar 15 06:25:26 foohost rsyslogd: [origin software="rsyslogd" swVersion="5.7.6" x-pid="3301" x-info="http://www.rsyslog.com"] rsyslogd was HUPed I suggest the following tweak to /etc/logcheck/ignore.d.server/rsyslog: diff -u

Processing commands for control at bugs.debian.org: > reassign 623058 rsyslog Bug #623058 [logcheck] logcheck: tweak 'rsyslogd was HUPed' filter Bug reassigned from package 'logcheck' to 'rsyslog'. Bug No longer marked as found in versions logcheck/1.3.13. > thanks Stopping processing here. Please contact me if you need assistance. -- 623058:

Package: logcheck Version: 1.3.13 Severity: minor Tags: patch In Lenny it was possible to use wildcards in logcheck.logfiles. For example, I used: /var/log/HOSTS/*/*.log root at durer:~# su -s /bin/bash -c "bash -x /usr/sbin/logcheck" logcheck <cut> + read file + logoutput '/var/log/HOSTS/*/*.log' + file='/var/log/HOSTS/*/*.log' + debug 'logoutput called

Package: logcheck-database Version: 1.3.13 Severity: wishlist Hi, scponly-full (using 4.8-4.1) in Debian is compiled with additional support for rsync, unison and SVN. However, the logcheck rule is based on the original version and doesn't include those commands in the regexp. Please add those three commands to the regexp. Best regards, Markus -- System Information: Debian Release:

Package: logcheck-database Version: 1.3.13 Severity: minor Change the rule to clean "Generated config for" from "seconds" to "s". Corrected version: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ bcfg2-server\[[0-9]+\]: Generated config for\ [._[:alnum:]-]+ in [0-9.]+ s$ -- System Information: Debian Release: 6.0.2 APT prefers stable APT policy: (500, 'stable')

Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch mavisd-new uses SPAMMY since 2.4.1: http://www.mail-archive.com/amavis-user at lists.sourceforge.net/msg05055.html patch attached. -- System Information: Debian Release: 6.0.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux

Package: logcheck-database Version: 1.3.13 Severity: wishlist Hi, after upgrading Postfix from 2.7.1-1 to 2.8.1-1 (using testing) parts of the log format from postfix/smtpd have changed. This problem only seems to trigger when accepting connections in smtpd using XFORWARD (http://www.postfix.org/XFORWARD_README.html), for example when Amavisd-new reinjects mail to postfix. The new log lines

Hi, after we switched to rsyslog with high precision timestamps logcheck did not match the timestamps any more. A patch adding the high precision timestamp format is attached. The rules now match both the traditional timestamp format and the high precision timestamp format (with or without microseconds). Yours sincerely, Ralf D?blitz -- Ralf D?blitz r.doeblitz at asco.de Tel 0531/3906-116

Package: logcheck-database Version: 1.3.13 Severity: normal The rule for SSH ignoring "Bad protocol version identification" assumes there are no single quotes inside the version string ('[^']'). I am however getting mails including those lines: Mar 25 22:57:04 Debian-60-squeeze-64-minimal sshd[12144]: Bad protocol version identification

Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch After upgrading to debian squeeze I get several messages a day in the form of: Jul 2 15:05:15 hostname spamd[21286]: spamd: handled cleanup of child pid [28609] due to SIGCHLD: exit 0 This is due to an update in spamd, that makes the message more detailed (includes exit code)[1]. Therefore messages including exit code 0

Processing commands for control at bugs.debian.org: > reassign 648146 logcheck-database 1.3.13 Bug #648146 [logcheck-database-1.3.13] ignore.d.server/ssh is too aggressive Warning: Unknown package 'logcheck-database-1.3.13' Bug reassigned from package 'logcheck-database-1.3.13' to 'logcheck-database'. Bug No longer marked as found in versions squeeze. Bug #648146

Package: logcheck Version: 1.2.56 Followup-For: Bug #429384 I get the following message in my e-mail from cron: Cron <logcheck at entercom> if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck; fi /usr/sbin/logcheck: line 645: mktemp: command not found /usr/sbin/logcheck: line 646: mktemp: command not found rm: too few arguments Try `rm --help' for more information.

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.9.20 > package logcheck logcheck-database logtail Ignoring bugs not assigned to: logcheck-database logtail logcheck > tags 354820 + pending Bug#354820: rules to filter out entries caused by ssh scanners Tags were: patch Tags added: pending > tags 355085 + pending

Hello I try to execute logcheck from a php page. So I have create a php page with a button which allow to run logcheck like this : /usr/sbin/logcheck -o > /var/log/logcheck (I want to put the result in a file logcheck, that's why I use the option -o) I have put www-data in the groupe adm : "adduser www-data adm" And after if I run logcheck like this for exemple:

On Wed, 05 Jan 2005, CVS User ttroxell wrote: > @@ -70,6 +70,10 @@ > chown logcheck /var/lock/logcheck > /dev/null 2>&1 || true > fi > > + # fix for #284788 > + # update timestamp on cron > + touch /etc/cron.d/logcheck || true > + > ;; > > abort-upgrade|abort-remove|abort-deconfigure) on a box with a broken coreutils install

Hello, I'm having this error: Warning: If you are seeing this message, your log files may not have been checked! Details: Could not run logtail or save output Check temporary directory: /tmp/logcheck.EIX3jp declare -x HOME="/var/lib/logcheck" declare -x LANG="en_US" declare -x LANGUAGE="en_US:en_GB:en" declare -x LOGNAME="logcheck" declare -x

Package: logcheck-database Version: 1.2.54 Severity: normal Tags: patch Logcheck fails to ignore certain lines generated by OpenVPN; the attached patch fixes several regular expressions: * OpenVPN does not print the full path to ifconfig or route (at least here) * The interface name can also contain dots and does not always start with "tun" * The startup messages now gets suppressed