[Logcheck-devel] Bug#588285: Bug#588285: logcheck: Additional rules to ignore successful kerberos authentication
Russ Allbery
rra at debian.org
Wed Jul 7 16:38:08 UTC 2010
Michel Messerschmidt <lists at michel-messerschmidt.de> writes:
> On Tue, Jul 06, 2010 at 06:26:10PM -0700, Russ Allbery wrote:
>> I wonder if the right way of handling this would be to instead install a
>> logcheck rule as part of the libpam-krb5 package that looks something
> This would be the preferred solution for me.
> I just haven't found a way to configure logcheck to match log messages
> from one daemon against arbitrary rule files. For example, log messages
> from sudo will be matched against /etc/logcheck/ignore.d.server/sudo
> but not against /etc/logcheck/ignore.d.server/libpam.
Hm, that doesn't sound right to me; I've dropped additional files into
that directory before and have had them match a variety of daemon names.
Also, note the Postfix rules and how they match all sorts of different
daemon names. I think something else might have been broken.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Logcheck-devel
mailing list