[Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
CVS User jlps-guest
logcheck-devel@lists.alioth.debian.org
Sun, 20 Feb 2005 13:38:02 -0700
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d
In directory haydn:/tmp/cvs-serv635
Modified Files:
logcheck-pureftp
Log Message:
Add rule for pure-ftpd up/downloads, since filenames can contain any of the keywords listed in violations.d/logcheck and these messages shouldn't be marked as 'Security Events'
--- /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-pureftp 2004/10/25 20:09:17 1.1
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-pureftp 2005/02/20 20:38:01 1.2
@@ -1,3 +1,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[ERROR\] Can't open .+: No such file or directory$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[ERROR\] Can't remove directory: No such file or directory$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \(\?@[._[:alnum:]-]+\) \[DEBUG\] This is a private system - No anonymous login$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[NOTICE\] .+ (up|down)loaded \([0-9]+ bytes, [0-9]+.[0-9]+KB/sec\)$