[Logcheck-devel] Re: [Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
maks attems
debian at sternwelten.at
Mon May 17 08:15:27 UTC 2004
hey todd,
our user tend to confound our three layers:
"attacks", security events and system events.
we need to do something bout the dir structure.
On Sun, 16 May 2004, CVS User ttroxell wrote:
> +++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-innd 2004/05/16 07:39:37 1.3
> @@ -4,3 +4,4 @@
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rnews: rejected [0-9]+ Too old -- "[0-9]+ \w{3} [0-9]{4} [0-9:]{8} ([A-Z]+|(\+|-)[0-9]{4})"$
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rnews: rejected [0-9]+ No colon-space in "("|x-no-archive:yes)" header$
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [^[:space:]]+ posts received [0-9]+ rejected [0-9]+$
> +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rnews: offered <[^[:space:]]+> [._[:alnum:]-]+$
anyways please revert this change,
there is no keyword in aboves rule that will push it in security events,
please take a look at cvs commit from 12. may,
i already added aboves rule in ignore.d.server/innd ;)
a++ maks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040517/31d1b9e8/attachment.pgp
More information about the Logcheck-devel
mailing list