[Logcheck-devel] Bug#695075: logcheck-database: new filter rules for nfs (for Wheezy)

Chris Boot crb at tiger-computing.co.uk
Mon Jan 27 17:34:31 UTC 2014 

Control: reassign -1 src:nfs-utils
Control: retitle -1 incorporate logcheck snippets
Control: user debian-release at lists.debian.org
Control: usertag -1 bsp-2014-01-gb-Monmouth

Dear maintainer,

Logcheck is a package to filter system log events for the administrator.
Its aim is to remove chatter from the log files, leaving only the events
that the administrator needs to deal with. Filtering is for display
only, leaving the original log file intact for later reading.

Please ship snippets for consumption by the logcheck package. Logcheck
will stop shipping snippets for heartbeat in the future, so it's
important that heartbeat takes over these files.

If you use debhelper or CDBS, this is very simple:

1. provide your snippets in debian/<package>.logcheck.<type>
   where <type> is one of the following:
      violations
      violations.ignore
      ignore.workstation
      ignore.server
      ignore.paranoid
2. add a call to dh_installlogcheck in debian/rules, if you use
   debhelper without the automatic sequencer
3. add a versioned Breaks: logcheck-database (<= 1.3.16~) to your
   control file

Please allow 7 days before uploading a package including these changes;
this is to give time for a superseding logcheck package to be prepared.
For your convenience, the current snippets (if any) are attached.

For further information, please see README.Maintainers in the logcheck
package.

Please note that the attached files are currently shipped as:

/etc/logcheck/ignore.d.server/mountd
/etc/logcheck/ignore.d.server/nfs
/etc/logcheck/ignore.d.server/rpc_statd

We leave it to your discretion whether to ship these file separately, or
to merge them.

Best regards,
Chris

-- 
Chris Boot
Tiger Computing Ltd
"Linux for Business"

Tel: 01600 483 484
Web: http://www.tiger-computing.co.uk
Follow us on Facebook: http://www.facebook.com/TigerComputing

Registered in England. Company number: 3389961
Registered address: Wyastone Business Park,
 Wyastone Leys, Monmouth, NP25 3SR
-------------- next part --------------
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ mountd\[[0-9]+\]: authenticated (un)?mount request from (([0-9]|([1-9]|1[0-9]|2[0-4])[0-9]|25[0-5])\.){3}([0-9]|([1-9]|1[0-9]|2[0-4])[0-9]|25[0-5]):[0-9]+ for [._/[:alnum:]-]+ \([._/[:alnum:]-]+\)$
-------------- next part --------------
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rpc\.mountd: authenticated (un|)mount request from [._[:alnum:]-]+:[0-9]+ for (/[._[:alnum:]-]*)+ \((/[._[:alnum:]-]*)+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mountd\[[0-9]+\]: authenticated (un|)mount request from [._[:alnum:]-]+:[0-9]+ for (/[._[:alnum:]-]*)+ \((/[._[:alnum:]-]*)+\)$
-------------- next part --------------
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rpc.statd\[[0-9]+\]: authenticated mount request from [._[:alnum:]-]+:[0-9]+ for /[/[:alnum:]]+ \(/[/[:alnum:]]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rpc.statd\[[0-9]+\]: Received erroneous SM_UNMON request from [._[:alnum:]-]+ for [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$

More information about the Logcheck-devel mailing list