[Logcheck-devel] Bug#613124: logcheck: snmpd output changed - rule needs updating
Robert Naylor
robert at pobice.co.uk
Sun Feb 13 00:15:14 UTC 2011
Package: logcheck
Version: 1.3.13
Severity: normal
Tags: patch
SNMP output has change from:
Feb 12 06:30:02 server snmpd[3370]: Connection from UDP: [127.0.0.1]:35564
to:
Feb 13 00:05:01 server snmpd[4922]: Connection from UDP: [127.0.0.1]:55048->[127.0.0.1]
I've change the snmpd rule file to read:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snmpd\[[0-9]+\]: Connection from [.0-9]{7,15}$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snmpd\[[0-9]+\]: Connection from UDP: \[[.0-9]{7,15}\]:[0-9]{4,5}->\[[.0-9]{7,15}\]$
Which seems to have done the trick
-- System Information:
Debian Release: 6.0
APT prefers squeeze-updates
APT policy: (500, 'squeeze-updates'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages logcheck depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii cron 3.0pl1-116 process scheduling daemon
ii exim4-daemon-heavy [mail-tran 4.72-6 Exim MTA (v4) daemon with extended
ii lockfile-progs 0.1.15 Programs for locking and unlocking
ii logtail 1.3.13 Print log file lines that have not
ii mime-construct 1.11 construct/send MIME messages from
ii syslog-ng [system-log-daemon] 3.1.3-3 Next generation logging daemon
Versions of packages logcheck recommends:
ii logcheck-database 1.3.13 database of system log rules for t
Versions of packages logcheck suggests:
ii syslog-summary 1.14-2 summarize the contents of a syslog
-- Configuration Files:
/etc/logcheck/logcheck.conf [Errno 13] Permission denied: u'/etc/logcheck/logcheck.conf'
/etc/logcheck/logcheck.logfiles [Errno 13] Permission denied: u'/etc/logcheck/logcheck.logfiles'
-- debconf information:
logcheck/changes:
* logcheck/install-note:
More information about the Logcheck-devel
mailing list