[Logcheck-devel] Bug#511483: logcheck-database: please add rules for rkhunter

Frédéric Brière fbriere at fbriere.net
Tue Aug 18 22:37:21 UTC 2009


On Sun, Jan 11, 2009 at 03:09:06PM +0100, Christoph Anton Mitterer wrote:
> Could you please add rules for rkhunter:

I don't think there's much interest by the logcheck maintainers in
adding support for non-syslog logfiles.  (Especially since they all tend
to have their own crappy syntax.)

> This should give a critical warning:
> Rootkit Hunter: Please inspect this machine, because it may be infected.

This may be a silly question, but why don't you use rkhunter's
MAIL-ON-WARNING option instead?


-- 
< nobse> bleh... last night I had a dream... someone NMU'ed vim...
         nightmare
		-- in #debian-devel





More information about the Logcheck-devel mailing list