Bug#271286: [Logcheck-devel] Bug#271286: minor fix for ignore.d.server/oidentd

[maks attems]

On Sun, 12 Sep 2004, Jonas Meurer wrote:

> in ignore.d.server/oidentd you have:
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
> 	[._[:alnum:]-]+ \([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$
> 
> anyway, some oidentd logs don't have a hostname:
> oidentd[34562]: Connection from 241.145.24.135:2353

could you post full log line?

> therefore you have to add:
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
> 	\([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$

hmm that shouldn't work for aboves messages because of the enclosed '\(...\)'

you can easily test your regexes in a file like local-oidentd
put in the /etc/logcheck/ignore.d.server.

please report back. :)
 
 
--
maks