[Logcheck-devel] templates cleanup part2
maks attems
debian at sternwelten.at
Thu Jun 10 12:10:37 UTC 2004
hello
based on Alfie's proposal regarding
"Template: logcheck-database/rules-directories-note"
- /etc/logcheck/cracking.ignore.d [for local use only]
this note regarding the cracking.ingore.d is confusing, what is meant is:
- /etc/logcheck/cracking.ignore.d [no rules from logcheck-database itself]
we might even want to drop that message as in normal mode of operation,
i never found it necessary to add local rules there?
- These directories may contain files named "logcheck" (containing minimal
generic alert/override patterns), "(packagename)" (containing patterns
- specific to that one package) or "local" (created by the local
- administrator to contain patterns tailored for a particular site).
Logcheck will then use rules collected from all the files found in the
appropriate directories.
+ These directories may contain files prefixed "logcheck-" (containing
generic alert/override patterns), "(packagename)" (containing patterns
+ specific to that one package) or prefixed "local-" (created by the local
+ administrator to contain patterns tailored for a particular site).
Logcheck will then use rules collected from all the files found in the
appropriate directories.
removed the "minimal" logcheck-database rule set seems far from minimal.
didn't mention the local file as admins will find local-foo easier
for their setup.
thanks for your comments. as it's your initial proposition Alfie
feel free to commit if no one objects?
a++ maks
More information about the Logcheck-devel
mailing list