[Logcheck-devel] Re: [Logcheck-commits] CVS logcheck/docs
maximilian attems
debian at sternwelten.at
Tue May 3 21:45:47 UTC 2005
On Tue, 03 May 2005, Jamie L. Penman-Smithson wrote:
> On Tue, 2005-05-03 at 07:20 +0000, CVS User maks-guest wrote:
> > Modified Files:
> > logcheck.sgml
> > Log Message:
> >
> > minor addition describe 3 layers.
> > remove the url tag not recognized by docbook2man.
> > +
> > + <para>The reported messages are sorted in three different layers.
> > + The system events verbosity is governed by aboves level choice.
> > + The security events and the so called attack alerts are reported
> > + anyway independently of aboves choosen level.</para>
>
> I've reworded this a little:
>
> <para>The messages reported are further sorted into two levels of
> severity, system events and security events. The verbosity of system
> events is controlled by which level you choose, paranoid, server or
> workstation. However, security events are not affected by this.</para>
>
> If this is okay, I can go ahead and commit this..?
>
> -j
i do mostly agree,
but please keep the distinction level != layer.
(current doc keeps that disctinction)
our 3 levels:
- paranoid
- server
- workstation
filtered in 3 layers
- attacks (to be renamed)
- security events
- system events.
the attack alerts rarely trigger, but should work.
there pattern may need work. anyway that's ot..
--
maks
More information about the Logcheck-devel
mailing list