[Logcheck-devel] tip: how to develop logcheck rules (one way at least)
martin f krafft
madduck at debian.org
Mon Jul 24 20:39:53 UTC 2006
thought i'd share this in case you didn't already make use of such
a method, it took me quite a while to arrive at it. now if I am
trying to add rules to hide messages that logcheck just sent to me
by mail, I tell mutt to pipe the message to
egrep -v -f /path/to/logcheck/ignore.d.server/whatever | less
and then inspect the output until it only contains stuff I want to
this makes things *a lot* easier.
.''`. martin f. krafft <madduck at debian.org>
: :' : proud Debian developer and author: http://debiansystem.info
`- Debian - when you have better things to do than fixing a system
"no, 'eureka' is greek for 'this bath is too hot.'"
-- dr. who
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature (GPG/PGP)
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20060724/db176d41/attachment.pgp
More information about the Logcheck-devel