[Logcheck-devel] Bug#539944: RFH: logcheck / also an idea for a logcheck rewrite

martin f krafft madduck at debian.org
Tue Aug 4 16:52:41 UTC 2009 

Package: wnpp
Severity: normal

We could use help with logcheck, specifically:

- bug triaging, which is mainly updating rule files
- bug fixing of features and faults
- implementing templates for rules, e.g. @IPADDR@ and refactoring
  the rule files so that there aren't seven dozens different regexps
  for IP addresses
- improving the performance and usefulness
  * only process filters for packages that are installed
  * find a way to avoid the multipass approach logcheck currently
    takes

The package is maintained with Git, but there are no branches, so
use is trivial.

If you're interested, please pass me your alioth.debian.org account
so that I can give you commit access.

* * *

In the long run, I'd love to see a rewrite of logcheck with some of
the following features:

- tag-based, so that an admin can choose whether to see e.g. daemon
  restart messages, authentication attempts for invalid/nonexistent
  accounts, etc.
- runs as a daemon and can process new log entries instantly.
- possibly interfaces directly with rsyslog to avoid having to go
  via log files
- configurable actions, e.g. mail, jabber, file, postgresql
- provide patterns/templates and easy instructions (possibly
  automatic filter generators) to encourage package maintainers to
  provide the files themselves.
- possibly require message samples with each filter to allow for
  a test suite.
- and many more.

Please send further ideas to this bug report.

Talk to me if you're interested in this, and I'd be happy to assist.
I don't have time to do it myself.

-- 
 .''`.   martin f. krafft <madduck at d.o>      Related projects:
: :'  :  proud Debian developer               http://debiansystem.info
`. `'`   http://people.debian.org/~madduck    http://vcs-pkg.org
  `-  Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20090804/80ee2db7/attachment.pgp>

More information about the Logcheck-devel mailing list