[Logcheck-users] Re: Logcheck-users Digest, Vol 5, Issue 1

Cyril.Gilly cyril.gilly at eisti.fr
Mon Jan 9 12:44:44 UTC 2006 

The entry is probably not igored because of
the word deny in your path .
You might better set your rule in violation.ignore.d/ directory.



At 13:00 09/01/2006, you wrote:
>Send Logcheck-users mailing list submissions to
>         logcheck-users at lists.alioth.debian.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.alioth.debian.org/mailman/listinfo/logcheck-users
>or, via email, send a message with subject or body 'help' to
>         logcheck-users-request at lists.alioth.debian.org
>
>You can reach the person managing the list at
>         logcheck-users-owner at lists.alioth.debian.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of Logcheck-users digest..."
>
>
>Today's Topics:
>
>    1. Log Entry not being ignored (Andrew Berry)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Sun, 8 Jan 2006 21:06:56 +0000 (GMT)
>From: Andrew Berry <andrew at aberry.co.uk>
>Subject: [Logcheck-users] Log Entry not being ignored
>To: Logcheck-users at lists.alioth.debian.org
>Message-ID: <Pine.SOC.4.63.0601082026450.2359 at almond.milky.org.uk>
>Content-Type: TEXT/PLAIN; charset=US-ASCII
>
>All,
>
>Apologies if this is a simple error but it's been confusing me for a few
>weeks and I have no idea how to fix it.
>
>I've set a cron job to run 3 times an hour (as root) and logcheck's
>picking up on this (but no others).  The output in the email is this:-
>
>Jan  8 20:21:01 homer /USR/SBIN/CRON[8637]: (root) CMD (/usr/bin/python
>/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg)
>Jan  8 20:41:01 homer /USR/SBIN/CRON[2949]: (root) CMD (/usr/bin/python
>/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg)
>Jan  8 21:01:01 homer /USR/SBIN/CRON[12711]: (root) CMD (/usr/bin/python
>/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg)
>
>I've added the following to /etc/logcheck/ignore.d.server/cron (I assume
>this is the correct file):-
>
>^\w{3} [ :0-9]{11} [._[:alnum:]-]+ \USR\SBIN\CRON\[[0-9]+\]: 
>\([_[:alnum:]-]+\)
>CMD \(/usr/bin/python /root/denyhosts/denyhosts.py -c 
>/root/denyhosts/denyhosts.
>cfg\)$
>
>All the testing I've carried out shows that this is correct.
>
>I am running Debian Stable and the version of logcheck from aptitude is
>1.2.39.
>
>Can anyone point me in the correct direction?
>
>Thanks,
>
>Andrew
>
>--
>Andrew Berry
>andrew at aberry.co.uk
>http://www.aberry.co.uk
>
>
>
>------------------------------
>
>_______________________________________________
>Logcheck-users mailing list
>Logcheck-users at lists.alioth.debian.org
>http://lists.alioth.debian.org/mailman/listinfo/logcheck-users
>
>
>End of Logcheck-users Digest, Vol 5, Issue 1
>********************************************

"This machine has no brain ... Please use your own"
Cyril Gilly
cyril.gilly at eisti.fr
EISTI
Avenue du Parc
95 011 CERGY
01 34 25 10 33

More information about the Logcheck-users mailing list