[Logcheck-devel] Bug#590679: [logcheck-database] rules for ntpd
Hendrik Jaeger
jaeger at init7.net
Wed Jul 28 12:05:57 UTC 2010
Package: logcheck-database
Severity: wishlist
Tags: patch
Hi,
some rules for ntpd as i couldn't find any:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: time reset
[+-]*[0-9]{1,2}\.[0-9]{6} s$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: synchronisation
lost$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: no servers
reachable$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]:
synchronized to ([0-9.]{7,15}|[0-9a-fA-F:.]{4,39}), stratum [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: synchronized to
LOCAL\([0-9]+\), stratum [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync
(disabled|enabled) [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync
(enabled|status( change)?) [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: precision =
[0-9]+\.[0-9]+ usec$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: peer
([.0-9]{7,15}|[0-9a-fA-F:.]{4,39}) now (in)?valid$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: adjusting local
clock by -?[.0-9]+s$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: adjust time server
-?[.0-9]+ offset$
Hendrik
--
Hendrik Jaeger
Linux Systemadministrator
Init Seven AG
Elias-Canetti-Strasse 7
CH-8050 Zürich
phone: +41 44 315 44 00
fax: +41 44 315 44 01
http://www.init7.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20100728/381e0df8/attachment.pgp>
More information about the Logcheck-devel
mailing list