[Logcheck-commits] CVS logcheck/rulefiles/linux/ignore.d.server
CVS User maks-guest
logcheck-devel@lists.alioth.debian.org
Fri, 14 May 2004 06:14:12 -0600
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server
In directory haydn:/tmp/cvs-serv29987/rulefiles/linux/ignore.d.server
Modified Files:
postfix ssh
Added Files:
bind rpc_statd
Log Message:
new rules from weasel at #debian.de.
nice stuff for worstation and small enhancement for server.
--- /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/postfix 2004/05/13 18:32:42 1.8
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/postfix 2004/05/14 12:14:12 1.9
@@ -1,7 +1,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/nqmgr\[[0-9]+\]: [[:alnum:]]+: skipped, still being delivered$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/nqmgr\[[0-9]+\]: [[:alnum:]]+: from=<.*>, status=expired, returned to sender$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/nqmgr\[[0-9]+\]: [[:alnum:]]+: message-id=<.*>( \(.*\))?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/cleanup\[[0-9]+\]: [[:alnum:]]+: message-id=<.*>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/cleanup\[[0-9]+\]: [[:alnum:]]+: message-id=<.*>( \(.*\))?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: unable to open Berkeley db /etc/sasldb: No such file or directory$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(smtp|smtpd)\[[0-9]+\]: verify error:num=10:certificate has expired$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(smtp|smtpd)\[[0-9]+\]: verify error:num=27:certificate not trusted$
--- /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/ssh 2004/04/21 23:43:01 1.2
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/ssh 2004/05/14 12:14:12 1.3
@@ -1,4 +1,5 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Accepted (gssapi|rsa|dsa|password|publickey|keyboard-interactive/pam) for [^[:space:]]+ from [^[:space:]]+ port [0-9]+ (ssh|ssh2)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: \(pam_unix\) session opened for user root by root\(uid=0\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: PAM pam_putenv: delete non-existent entry; [[:alnum:]]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Server listening on [.0-9]+ port 22\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: subsystem request for sftp$