[Logcheck-devel] Bug#590679: [logcheck-database] rules for ntpd

[Hendrik Jaeger]

Package: logcheck-database
Severity: wishlist
Tags: patch

Hi,

some rules for ntpd as i couldn't find any:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: time reset
[+-]*[0-9]{1,2}\.[0-9]{6} s$ 
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: synchronisation
lost$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: no servers
reachable$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]:
synchronized to ([0-9.]{7,15}|[0-9a-fA-F:.]{4,39}), stratum [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: synchronized to
LOCAL\([0-9]+\), stratum [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync
(disabled|enabled) [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync
(enabled|status( change)?) [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: precision =
[0-9]+\.[0-9]+ usec$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: peer
([.0-9]{7,15}|[0-9a-fA-F:.]{4,39}) now (in)?valid$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: adjusting local
clock by -?[.0-9]+s$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: adjust time server
-?[.0-9]+ offset$

Hendrik



-- 
Hendrik Jaeger
Linux Systemadministrator

Init Seven AG
Elias-Canetti-Strasse 7
CH-8050 Zürich
phone: +41 44 315 44 00
fax: +41 44 315 44 01
http://www.init7.net/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20100728/381e0df8/attachment.pgp>