[Logcheck-users] cron ignore line?

Mark Edwards mark at antsclimbtree.com
Mon Jul 30 21:18:52 UTC 2007


I am troubleshooting a new cron line that is triggering logcheck.   
Other cron entries do not trigger logcheck, even though they are  
logged in /var/log/syslog

This is a security trigger, and I know it is because of certain words  
in the cron entry.  What I can't figure out is which entry in  
logcheck is ignoring the other cron events?  Here is a cron log from  
syslog that does not trigger logcheck:

Jul 30 13:50:01 labserver /USR/SBIN/CRON[20237]: (www-data) CMD (/usr/share/cacti/site/poller.php >/dev/null 2>/var/log/cacti/poller-error.log)

and here is the standard /etc/logcheck/ignore.d.server/cron:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) LIST \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) REPLACE \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) (BEGIN|END) EDIT \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$

Clearly none of those lines are ignoring the cron log line above.   
Can someone point out which line actually ignores cron logs?

Thanks.

--
Mark Edwards
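
Added example, not part of the original post and not logcheck's own code: a small shell check that reports which rule in a rules file matches a given log line, using grep -E (extended regular expressions, the syntax logcheck rules are written in; \w is a GNU grep extension). The function name matching_rules, the temporary file and the crontab LIST sample line are assumptions constructed for the illustration; the four rules and the CMD line are the ones quoted in the post.

```shell
#!/bin/sh
# The four rules quoted in the post, one per line, in a scratch file.
RULES=$(mktemp)
trap 'rm -f "$RULES"' EXIT
cat >"$RULES" <<'EOF'
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) LIST \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) REPLACE \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ crontab\[[0-9]+\]: \([[:alnum:]-]+\) (BEGIN|END) EDIT \([[:alnum:]-]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$
EOF

# Log line from the post (the cron CMD entry that logcheck stays quiet about).
CRON_CMD_LINE='Jul 30 13:50:01 labserver /USR/SBIN/CRON[20237]: (www-data) CMD (/usr/share/cacti/site/poller.php >/dev/null 2>/var/log/cacti/poller-error.log)'

# Constructed sample line (not from the post) that rule 1 is written for.
LIST_LINE='Jul 30 13:49:10 labserver crontab[20111]: (root) LIST (root)'

# matching_rules LINE RULEFILE
# Prints the line number of every rule in RULEFILE that matches LINE.
# Blank lines and '#' comments in the rule file are skipped.
matching_rules() {
    n=0
    while IFS= read -r rule; do
        n=$((n + 1))
        case $rule in
            ''|'#'*) continue ;;
        esac
        # -e keeps a rule that starts with '-' from being read as an option.
        if printf '%s\n' "$1" | grep -Eq -e "$rule"; then
            echo "$n"
        fi
    done <"$2"
}

echo "CMD line matched by rule(s):  [$(matching_rules "$CRON_CMD_LINE" "$RULES")]"
echo "LIST line matched by rule(s): [$(matching_rules "$LIST_LINE" "$RULES")]"
```

Pointing the second argument at each file under /etc/logcheck/ignore.d.server/ in turn narrows down which file, and which line in it, is suppressing a given entry.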




