[Logcheck-users] It's not filtering this one specific line...
Todd Troxell
ttroxell at debian.org
Thu Nov 10 21:47:17 UTC 2005
Hi!
On Mon, Nov 07, 2005 at 11:13:27PM -0500, parachute at optonline.net wrote:
> I keep seeing...
> "Nov 7 23:08:09 ns1 amavis[24086]: (24086-06) WARN: all primary
> virus scanners failed, considering backups"
>
> And no matter what I try to make a rule filter for it, it won't go
> away! I've tested my rules by doing `cat /var/log/mail.log | egrep
> "$my_rule"` and it would work and scroll out all the matched output.
The problem is that the word "failed" is triggering a security violation.
You will need to add it to a file in violations.ignore.d/
For more info see README.logcheck-database
--
Todd Troxell
http://rapidpacket.com/~xtat
More information about the Logcheck-users
mailing list