[Logcheck-devel] Bug#499561: logcheck-database: typo in ssh rules
Ferenc Wágner
wferi at niif.hu
Fri Sep 19 20:46:34 UTC 2008
Package: logcheck-database
Version: 1.2.68
Severity: normal
Hi,
/etc/logcheck/ignore.d.paranoid/ssh contains the rules:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: pam_[[:alnum:]]+\(ssh:session\): session opened for user [^[:space:]]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: pam_[[:alnum:]]+\(ssh:session\): session closed for user [^[:space:]]+$
However, the log lines contain (sshd:session) -- that is, sshd with a
letter d at the end. I guess the fix is obvious. :)
Thanks,
Feri.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.26-1-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
More information about the Logcheck-devel
mailing list