[Logcheck-devel] Bug#251590: logcheck: Per-rule counters would help maintaining ruleset
Thomas Prokosch
7nrmi1s02 at sneakemail.com
Sat May 29 14:48:48 UTC 2004
Package: logcheck
Severity: wishlist
It would be nice to have per-rule counters which count how many times the
rule has been hit since last counter reset. This would help the
administrator to remove dead rules (ones which are no longer needed due to
software upgrades etc). This would help tighten the ruleset - a tight
ruleset is the basis for a well-maintained machine. Rules which have not
been hit for a certain (configurable) amount of time should get appended to
the report together with the date of the last hit.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.5-1-386
Locale: LANG=C, LC_CTYPE=C (ignored: LC_ALL set to C)
More information about the Logcheck-devel
mailing list