[Logcheck-devel] Bug#413262: /etc/logcheck/ignore.d.server/snort: Ignore empty "snort:" line
Johan Walles
johan.walles at gmail.com
Sat Mar 3 18:41:40 UTC 2007
Package: logcheck-database
Version: 1.2.54
Severity: normal
File: /etc/logcheck/ignore.d.server/snort
Tags: patch
Excerpt from a logcheck e-mail I just got:
"
Mar 3 13:11:18 localhost snort:
"
I would prefer if that line was filtered out by the ignore.d.server/snort ruleset. I'd like to see the
following line added to that ruleset:
"
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort:[:space:]*$
"
Regards //Johan
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (990, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=sv_SE.ISO-8859-15, LC_CTYPE=sv_SE.ISO-8859-15 (charmap=ISO-8859-15)
Versions of packages logcheck-database depends on:
ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy
logcheck-database recommends no packages.
-- debconf information:
* logcheck-database/rules-directories-note:
* logcheck-database/standard-rename-note:
* logcheck-database/conffile-cleanup: true
* logcheck-database/security_level: workstation
More information about the Logcheck-devel
mailing list