[Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
CVS User maks-guest
logcheck-devel@lists.alioth.debian.org
Sat, 02 Apr 2005 20:36:56 +0000
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d
In directory haydn:/tmp/cvs-serv8183/rulefiles/linux/violations.ignore.d
Modified Files:
logcheck-su
Log Message:
add postfix rules for local procmail delivery.
fix su reports.
--- /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-su 2004/07/11 17:42:45 1.3
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-su 2005/04/02 20:36:56 1.4
@@ -1,4 +1,4 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ (pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-) (pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by \(uid=[0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by [[:alnum:]-]+\(uid=[0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session closed for user [[:alnum:]-]+$