[Logcheck-commits] CVS logcheck/rulefiles/linux/ignore.d.server
CVS User maks-guest
logcheck-devel@lists.alioth.debian.org
Mon, 25 Oct 2004 14:09:16 -0600
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server
In directory haydn:/tmp/cvs-serv25803/rulefiles/linux/ignore.d.server
Modified Files:
perdition postfix pure-ftpd
Added Files:
snmpd
Log Message:
add some rules.
--- /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/perdition 2004/09/28 15:11:54 1.2
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/perdition 2004/10/25 20:09:16 1.3
@@ -1,3 +1,5 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Connect: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Auth: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} user=\"[[:alnum:]+[:punct:]+]+\" server=\"[[:alnum:]+[:punct:]]+\" port=\"[0-9]+\" status=\"ok\"$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Close: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} user=\"[[:alnum:]+[:punct:]+]+\" received=[0-9]+ sent=[0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Closing NULL
+session: [.0-9]{7,15}->[.0-9]{7,15} username=\(null\)$
--- /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/postfix 2004/10/19 15:24:32 1.32
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/postfix 2004/10/25 20:09:16 1.33
@@ -35,6 +35,8 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+ server dropped connection without sending the initial SMTP greeting \(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: host [^[:space:]]+ refused to talk to me: [45][0-9][0-9].*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: lost connection with [^[:space:]]+ while sending (MAIL FROM|RCPT TO)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: lost connection with [^[:space:]]+ while sending end of data -- message may
+be sent more than once$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: lost connection after (AUTH|CONNECT|DATA|EHLO|HELO|MAIL|RCPT|RSET) from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: host [^[:space:]]+ said: .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: no MX host for [^[:space:]]+ has a valid A record$
--- /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/pure-ftpd 2004/10/12 18:54:39 1.2
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/ignore.d.server/pure-ftpd 2004/10/25 20:09:16 1.3
@@ -1,6 +1,8 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \(\?@[._[:alnum:]-]+\) \[INFO\] New connection from [._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \(\?@[._[:alnum:]-]+\) \[INFO\] [._[:alnum:]-]+ is now logged in$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[INFO\] Can't change directory to .+: No such file or directory$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[INFO\] Can't change directory to .+: (No such file or|Not a) directory$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[INFO\] Timeout - try typing a little faster next time$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[INFO\] Timeout \(no new data for [0-9]+ seconds\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \(\?@[._[:alnum:]-]+\) \[INFO\] Logout.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[NOTICE\] .+ (up|down)loaded \([0-9]+ bytes, [0-9]+.[0-9]+KB/sec\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pure-ftpd: \([._[:alnum:]-]+@[._[:alnum:]-]+\) \[NOTICE\] File successfully renamed or moved: \[.+\]->\[.+\]$