[Logcheck-devel] Bug#693183: Please include ignore.d.server rules for DMA

Carlos Alberto Lopez Perez clopez at igalia.com
Wed Nov 14 02:50:07 UTC 2012 

Package: logcheck-database
Version: 1.3.15
Severity: wishlist
Tags: patch
X-Debbugs-CC: roam at ringlet.net


Hello,

After deploying DMA, I found that logcheck is not filtering the typical
notification messages of mail delivery that any mailer daemon generates.


Here is one example of the logcheck message that I received:


System Events
=-=-=-=-=-=-=
Nov 14 00:02:04 localhost dma[100dcb]: new mail from user=logcheck uid=103 envelope_from=<logcheck at localhost>
Nov 14 00:02:04 localhost dma[100dcb]: mail to=<logcheck at localnet.com> queued as 100dcb.7f9b716f3670
Nov 14 00:02:04 localhost dma[100dcb.7f9b716f3670]: trying delivery
Nov 14 00:02:04 localhost dma[100dcb.7f9b716f3670]: using smarthost (mail.localnet.com:25)
Nov 14 00:02:04 localhost dma[100dcb.7f9b716f3670]: trying remote delivery to mail.localnet.com [192.168.122.28] pref 0
Nov 14 00:02:09 localhost dma[100dcb.7f9b716f3670]: delivery successful


I successfully filtered all this notification messages with the following rules

# cat /etc/logcheck/ignore.d.server/dma
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dma\[[0-f.]+\]: new mail from user=[[:alpha:]]+ uid=[0-9]+ envelope_from=<[@._[:alnum:]-]+>$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dma\[[0-f.]+\]: mail to=<[@._[:alnum:]-]+> queued as [0-f.]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dma\[[0-f.]+\]: trying delivery$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dma\[[0-f.]+\]: using smarthost \([._[:alnum:]-]+:[0-9]+\)
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dma\[[0-f.]+\]: trying remote delivery to [._[:alnum:]-]+ \[[0-9.:]+\] pref [0-9]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dma\[[0-f.]+\]: delivery successful$



Please, consider adding such rules to logcheck-database


CC'ing DMA maintainer (Peter Pentchev)



Regards!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20121114/69b585b0/attachment.pgp>

More information about the Logcheck-devel mailing list