[Logcheck-commits] martin f. krafft: i.d.s/pdns: match informational messages about incoming AXFR transfers
Martin F. Krafft
madduck at alioth.debian.org
Fri Jun 11 11:38:36 UTC 2010
Module: logcheck
Branch: lenny-backports
Commit: a5046cda3a1c704cfada6d9d708f1b1137659d71
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=a5046cda3a1c704cfada6d9d708f1b1137659d71
Author: martin f. krafft <madduck at debian.org>
Date: Mon May 31 09:51:34 2010 +0200
i.d.s/pdns: match informational messages about incoming AXFR transfers
Signed-off-by: martin f. krafft <madduck at debian.org>
---
debian/changelog | 3 +++
rulefiles/linux/ignore.d.server/pdns | 5 +++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 2d51fe8..0b6e6a5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -26,6 +26,9 @@ logcheck (1.3.9) UNRELEASED; urgency=low
- ignore warnings about truncated packets.
* ignore.d.server/schroot:
- ignore new-style PAM session notices.
+ * ignore.d.server/pdns
+ - update rules to match informational messages about incoming AXFR
+ transfers, as well as sqlite3 connections.
-- Hannes von Haugwitz <hannes at vonhaugwitz.com> Fri, 14 May 2010 21:56:13 +0200
diff --git a/rulefiles/linux/ignore.d.server/pdns b/rulefiles/linux/ignore.d.server/pdns
index f9a91f4..9febd2a 100644
--- a/rulefiles/linux/ignore.d.server/pdns
+++ b/rulefiles/linux/ignore.d.server/pdns
@@ -27,7 +27,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Queued notification of domain '[-_.[:alnum:]]+' to [.[:digit:]]{7,15}$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received NOTIFY for ([-_.[:alnum:]]+)? from [.[:digit:]]{7,15} for which we are not authoritative$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received NOTIFY for [-_.[:alnum:]]+ from [.[:digit:]]{7,15} which is not a master$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received NOTIFY for [-_.[:alnum:]]+ from master [.[:digit:]]{7,15}, we are up to date: [[:digit:]]+<=[[:digit:]]+$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received NOTIFY for [-_.[:alnum:]]+ from (master )?[.[:digit:]]{7,15}, we are up to date: [[:digit:]]+<=[[:digit:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received a malformed qdomain from [.[:digit:]]{7,15}, '.+': (dropping|sending servfail)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received an overly large question from [.[:digit:]]{7,15}, dropping$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Received an unknown opcode [[:digit:]]+ from [.[:digit:]]{7,15} for( [-_.[:alnum:]]+)?$
@@ -47,6 +47,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: [[:digit:]]+ domains? for which we are master needs? notifications$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: [[:digit:]]+ slave domains? needs? checking$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: gpgsql Connection succesful$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: gsqlite: connection to '[-._/[:alnum:]]+' success?ful$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: gsqlite3?: connection to '[-._/[:alnum:]]+' success?ful$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns\[[[:digit:]]+\]: Initiating transfer of '[-_.[:alnum:]]+' from remote '[.[:digit:]]{7,15}'$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns_recursor\[[[:digit:]]+\]: Refreshed ([[:digit:]]+|\.) records$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ pdns_recursor\[[[:digit:]]+\]: Unable to parse packet from remote( UDP)? server [.[:digit:]]{7,15}: (Wrong size for A record \(0\)|Error parsing packet of [[:digit:]]+ bytes \(rd=0\), out of bounds: vector::_M_range_check|packet smalll?er than DNS header)$
More information about the Logcheck-commits
mailing list