[Logcheck-devel] rsync rule problem...
Kristoffer Egefelt
kristoffer at itoc.dk
Tue Feb 9 11:18:18 UTC 2010
Hi,
Running logcheck 1.3.6 on debian lenny.
Getting lines like these every hour:
Feb 9 12:01:02 net-bk01 rsyncd[12243]: rsync to itoc/bk/net-admin01.domain.com/2010-02-09-05:00:01/var/ from UNKNOWN (9.9.9.9)
while having this in /etc/logcheck/ignore.d.server/rsync:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: rsync (to|on) [[:alnum:]/._-:]+ from [@._[:alnum:]-]+ \([0-9.]{7,15}\)$
Funny thing is when running manually:
su -s /bin/bash -c "nice -n10 /usr/sbin/logcheck -o -t" logcheck
produces no output.
Somebody have a clue?
Thanks :-)
Regards
Kristoffer
More information about the Logcheck-devel
mailing list