Bug#333456: [Logcheck-devel] Bug#333456: logcheck: ignore mundane tftpd messages

[Jamie L. Penman-Smithson]

package logcheck
tags 333456 pending
thanks

Hi there

On Tue, 2005-10-11 at 19:56 -0400, toby cabot wrote:
> Hi, thanks for maintaining logcheck, it works quite well.  I run a
> small network with some diskless nodes.  When they boot, they download
> their kernels from TFTP.  Typically, I'll get two messages from
> logcheck; one when the client connects, and one when they download a
> file, e.g:

I've added the following rules to logcheck based on the log messages you
provided:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.tftpd\[[0-9]+\]: connect from
[._[:alnum:]-]+ \([.[:digit:]]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ tftpd\[[0-9]+\]: tftpd: trying to get
file: [^[:space:]]+$

They'll be included in the next release. In future, if you make local
additions to the logcheck rules you should prefix the filename with
'local-' to ensure they are not overwritten when upgrading.

Thanks for your bug report,

-- 
-Jamie L. Penman-Smithson <jamie at silverdream.org>
 t: +44 1273 424795; f: +44 1273 424795
 PGP: C0A7 955E EED6 A309 23D7 863B C76A 26A3 F0DC FCA8
 never send mail to: oubliette.z at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20051012/1ec69af3/attachment.pgp