Bug#271286: [Logcheck-devel] Bug#271286: minor fix for ignore.d.server/oidentd
maks attems
debian at sternwelten.at
Sun Sep 12 22:19:06 UTC 2004
On Sun, 12 Sep 2004, Jonas Meurer wrote:
> in ignore.d.server/oidentd you have:
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
> [._[:alnum:]-]+ \([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$
>
> anyway, some oidentd logs don't have a hostname:
> oidentd[34562]: Connection from 241.145.24.135:2353
could you post full log line?
> therefore you have to add:
> ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: Connection from \
> \([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\):[0-9]{1,5}$
hmm that shouldn't work for aboves messages because of the enclosed '\(...\)'
you can easily test your regexes in a file like local-oidentd
put in the /etc/logcheck/ignore.d.server.
please report back. :)
--
maks
More information about the Logcheck-devel
mailing list