[Logcheck-devel] Re: [Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
Todd Troxell
ttroxell at debian.org
Mon May 17 20:09:29 UTC 2004
Ah ok, will remove, thanks.
Yeah, I've thought that the dir names were a bit confusing
too.
-Todd
On Mon, May 17, 2004 at 10:15:27AM +0200, maks attems wrote:
> hey todd,
>
> our user tend to confound our three layers:
> "attacks", security events and system events.
> we need to do something bout the dir structure.
>
> On Sun, 16 May 2004, CVS User ttroxell wrote:
>
> > +++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-innd 2004/05/16 07:39:37 1.3
> > @@ -4,3 +4,4 @@
> > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rnews: rejected [0-9]+ Too old -- "[0-9]+ \w{3} [0-9]{4} [0-9:]{8} ([A-Z]+|(\+|-)[0-9]{4})"$
> > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rnews: rejected [0-9]+ No colon-space in "("|x-no-archive:yes)" header$
> > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [^[:space:]]+ posts received [0-9]+ rejected [0-9]+$
> > +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rnews: offered <[^[:space:]]+> [._[:alnum:]-]+$
>
> anyways please revert this change,
> there is no keyword in aboves rule that will push it in security events,
> please take a look at cvs commit from 12. may,
> i already added aboves rule in ignore.d.server/innd ;)
>
> a++ maks
>
--
[ Todd J. Troxell ,''`.
Student, Debian GNU/Linux Developer, SysAdmin, Geek : :' :
http://debian.org || http://rapidpacket.com/~xtat `. `'
`- ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040517/3dbc80af/attachment.pgp
More information about the Logcheck-devel
mailing list