[Logcheck-devel] Bug#311216: logcheck: mails "egrep: Invalid content of \{\}"
John A. Martin
jam at jamux.com
Mon May 30 13:00:39 UTC 2005
>>>>> "Jamie" == Jamie L Penman-Smithson
>>>>> "Re: Bug#311216: logcheck: mails "egrep: Invalid content of \{\}""
>>>>> Mon, 30 May 2005 00:43:57 +0100
Jamie> On Sun, 2005-05-29 at 19:06 -0400, John A. Martin wrote:
>> Mail sent by logcheck
>>
>> ,----
>> From: root at lists.jamux.org (Cron Daemon)
>> Subject: Cron <logcheck at lists> if [ -x /usr/sbin/logcheck ]; then
>> nice -n10 /usr/sbin/logcheck; fi
>> To: root at lists.jamux.org
>> Date: Sun, 29 May 2005 18:02:09 -0400 (EDT)
>>
>> egrep: Invalid content of \{\}
>> `----
Jamie> Can you run logcheck -odt, the output of that should help
Jamie> pin it down somewhat..
,----[ su -s /bin/bash -c "/usr/sbin/logcheck -odt" logcheck ]
D: [1117456573] Turning debug mode on
D: [1117456573] Sourcing - /etc/logcheck/logcheck.conf
D: [1117456573] Setting MAILOUT to 1
D: [1117456573] Setting LOGTAIL_OPTS to -t
D: [1117456573] Finished getopts c:dhH:l:L:m:opr:RsS:tTuvw
D: [1117456573] Trying to get lockfile: /var/lock/logcheck/logcheck.lock
D: [1117456573] Running lockfile-touch /var/lock/logcheck/logcheck.lock
D: [1117456573] cleanrules: /etc/logcheck/cracking.d/logcheck
D: [1117456573] cleanrules: /etc/logcheck/violations.d/logcheck
D: [1117456573] cleanrules: /etc/logcheck/violations.d/su
D: [1117456573] cleanrules: /etc/logcheck/violations.d/sudo
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/innd
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-bind
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-courier
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-cyrus
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-hylafax
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-innd
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-nagios
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-openvpn
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-postfix
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-pureftp
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-samba
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail_tmp
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-spamd
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-squid
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-su
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sudo
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-usb
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-winbind
D: [1117456573] cleanrules: /etc/logcheck/violations.ignore.d/su
D: [1117456573] cleanrules: /etc/logcheck/ignore.d.server/amavisd-new
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/anon-proxy
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/apache
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/arpwatch
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/automount
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/bind
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/clamav-daemon
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/clamav-freshclam
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/courier
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/cpqarrayd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/cron
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/cyrus
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/dhclient
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/dhcp
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/dictd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/dnsmasq
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/dovecot
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/gps
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/hylafax
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/imap
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/imapd-ssl
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/imapproxy
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/imp
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/innd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/ipppd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/isdnlog
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/isdnutils
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/jabberd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/logcheck
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/nagios
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/nfs
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/nntpcache
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/nscd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/ntp
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/oidentd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/openvpn
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/pdns
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/perdition
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/pop3d-ssl
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/postfix
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/ppp
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/pptpd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/proftpd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/pure-ftpd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/qmail
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/rbldnsd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/rpc_statd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/rsnapshot
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/rsync
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/samba
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/saslauthd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/scponly
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/slapd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/smartd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/smokeping
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/snmpd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/spamd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/squid
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/ssh
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/stunnel
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/syslog-ng
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/syslogd
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/thy
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/ucd-snmp
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/uptimed
D: [1117456574] cleanrules: /etc/logcheck/ignore.d.server/userv
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/bind
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/clamav-daemon
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/cron
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/imap
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/logcheck
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/postfix
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/ppp
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/proftpd
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/qpopper
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/squid
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/ssh
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/stunnel
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/sysklogd
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/syslog-ng
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/telnetd
D: [1117456575] cleanrules: /etc/logcheck/ignore.d.paranoid/tripwire
D: [1117456575] logoutput called with file: /var/log/syslog
D: [1117456575] Running logtail: /var/log/syslog
D: [1117456575] logoutput called with file: /var/log/auth.log
D: [1117456575] Running logtail: /var/log/auth.log
D: [1117456575] Sorting logs
D: [1117456575] Setting the Intro
D: [1117456575] Checking for security alerts
D: [1117456575] greplogoutput: logcheck
D: [1117456575] greplogoutput: returning 1
D: [1117456575] Checking for security events
D: [1117456575] greplogoutput: logcheck
D: [1117456575] greplogoutput: su
D: [1117456575] greplogoutput: Entries in checked
D: [1117456575] cleanchecked - file: /tmp/logcheck.6yuSGL/violations-ignore/su
D: [1117456575] cleanchecked - file: /tmp/logcheck.6yuSGL/violations-ignore/logcheck-su
D: [1117456575] report: cat'ing - Security Events for su
D: [1117456575] greplogoutput: sudo
D: [1117456575] greplogoutput: Entries in checked
D: [1117456575] cleanchecked - file: /tmp/logcheck.6yuSGL/violations-ignore/logcheck-sudo
D: [1117456575] greplogoutput: returning 0
D: [1117456575] Checking for system events
D: [1117456575] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore
D: [1117456575] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/amavisd-new
D: [1117456575] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/anon-proxy
D: [1117456575] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/apache
D: [1117456575] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/arpwatch
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/automount
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/bind
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/clamav-daemon
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/clamav-freshclam
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/courier
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/cpqarrayd
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/cron
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/cyrus
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/dhclient
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/dhcp
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/dictd
D: [1117456576] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/dnsmasq
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/dovecot
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/gps
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/hylafax
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/imap
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/imapd-ssl
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/imapproxy
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/imp
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/innd
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/ipppd
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/isdnlog
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/isdnutils
D: [1117456577] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/jabberd
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/logcheck
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/nagios
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/nfs
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/nntpcache
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/nscd
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/ntp
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/oidentd
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/openvpn
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/pdns
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/perdition
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/pop3d-ssl
D: [1117456578] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/postfix
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/ppp
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/pptpd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/proftpd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/pure-ftpd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/qmail
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/qpopper
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/rbldnsd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/rpc_statd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/rsnapshot
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/rsync
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/samba
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/saslauthd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/scponly
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/slapd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/smartd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/smokeping
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/snmpd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/spamd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/squid
egrep: Invalid content of \{\}
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/ssh
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/stunnel
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/sysklogd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/syslog-ng
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/syslogd
D: [1117456581] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/telnetd
D: [1117456582] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/thy
D: [1117456582] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/tripwire
D: [1117456582] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/ucd-snmp
D: [1117456582] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/uptimed
D: [1117456582] cleanchecked - dir - /tmp/logcheck.6yuSGL/ignore/userv
D: [1117456582] Setting the footer text
D: [1117456582] Sending report to STDOUT
Security Events for su
=-=-=-=-=-=-=-=-=-=-=-
May 30 08:30:31 lists su[7737]: + pts/1 root-root
May 30 08:36:13 lists su[7898]: + pts/1 root-logcheck
D: [1117456582] Sent report to STDOUT
D: [1117456582] cleanup: Killing lockfile-touch - 7910
D: [1117456582] cleanup: Removing lockfile: /var/lock/logcheck/logcheck.lock
D: [1117456582] Cleanup: Removing - /tmp/logcheck.6yuSGL
`----
,----[ ls -l /etc/logcheck/ignore.d.{paranoid,server}/squid ]
-rw-r----- 1 root logcheck 72 Apr 28 2003 /etc/logcheck/ignore.d.paranoid/squid
-rw-r----- 1 root logcheck 5103 May 29 00:32 /etc/logcheck/ignore.d.server/squid
`----
,----[ cat /etc/logcheck/ignore.d.paranoid/squid ]
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: NETDB state saved;$
`----
,----[ cat /etc/logcheck/ignore.d.server/squid ]
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: storeDirWriteCleanLogs: Starting\.\.\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Finished\. Wrote [0-9]+ entries\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Took [.0-9]+ seconds \([ .0-9]+ entries/sec\)\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: logfileRotate: /var/log/squid/store\.log$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: logfileRotate: /var/log/squid/access\.log$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Waiting [0-9]+ seconds for active connections to finish$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: FD [0-9]+ Closing HTTP connection$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: FD [0-9]+ Closing ICP connection$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Closing unlinkd pipe on FD [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Squid Cache \(Version [0-9.]+(STABLE)*[0-9]+\): Exiting normally\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Squid Parent: child process [0-9]+ exited with status 0$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Squid Parent: child process [0-9]+ started$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Starting Squid Cache version [0-9.]+(STABLE)*[0-9]+ for [[:alnum:]-]+\.\.\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Process ID [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: With [0-9]+ file descriptors available$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: DNS Socket created at [0-9.]+, port [0-9]+, FD [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Adding nameserver [0-9.]+ from /etc/resolv.conf$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: User-Agent logging is disabled\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Referer logging is disabled\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Unlinkd pipe opened on FD [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Swap maxSize [0-9]+ KB, estimated [0-9]+ objects$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Target number of buckets: [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Using [0-9]+ Store buckets$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Max Mem size: [0-9]+ KB$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Max Swap size: [0-9]+ KB$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Local cache digest enabled; rebuild/rewrite every [0-9]+/[0-9]+ sec$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Rebuilding storage in [/._[:alnum:]-]+ \(CLEAN\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Using Least Load store dir selection$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Current Directory is [/._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Loaded Icons\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Accepting HTTP connections at [0-9.]+, port [0-9]+, FD [0-9]+\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Accepting ICP messages at [0-9.]+, port [0-9]+, FD [0-9]+\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: HTCP Disabled\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: WCCP Disabled\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Ready to serve requests\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Done reading [/._[:alnum:]-]+ swaplog \([0-9]+ entries\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Finished rebuilding storage from disk\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ Entries scanned$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ Invalid entries\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ With invalid flags\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ Objects (loaded|expired|cancelled)\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ Swapfile clashes avoided\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ Duplicate URLs purged\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +Took [0-9.]+ seconds \( [0-9.]+ objects/sec\)\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: Beginning Validation Procedure$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +Completed Validation Procedure$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +Validated [0-9]+ Entries$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +store_swap_size = [0-9]+k$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: storeLateRelease: released [0-9]+ objects$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: +[0-9]+ entries written so far\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: urlParse: Illegal character in hostname '.*'$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: httpReadReply: Excess data from "GET .*"$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: WARNING: found whitespace in HTTP header name {Cache Control: no-cache}$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: ctx: exit level 0$
# squidguard
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ squid\[[0-9]+\]: helperOpenServers: Starting [0-9]+ 'squidGuard' processes$
`----
jam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 154 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20050530/131a59c7/attachment.pgp
More information about the Logcheck-devel
mailing list