[Logcheck-users] can't filter log which contains the word "failure"
Marius Erni
marius.erni at epfl.ch
Sun Jan 14 11:29:26 CET 2007
Hi,
For quite some time I try to filer out a log message which contains the
word failure. And I'm not able to filter it out.
Is this a know issue? How can I filter out this message?
the message i do like to filter out is:
Jan 8 10:49:15 XXX smbd[31464]: read_socket_data: recv failure for 4.
Error = No route to host
And the thats my rule which does not work.
^\w{3} [ :0-9]{11} XXX smbd\[[0-9]{2,5}\]: +read_socket_data: recv
failure for 4\. Error = No route to host$
I'm using logcheck 1.2.39 under Debian Stable.
Kind regards Marius
More information about the Logcheck-users
mailing list