[Logcheck-users] Rule question.
Mark London
mrl at psfc.mit.edu
Tue Jun 7 15:54:44 UTC 2011
Hi - I added the following 2 rules to logcheck.
\w{3} [ :0-9]{11} [._[:alnum:]-]+ avahi-daemon\[[0-9]+\]: Invalid query
packet.$
\w{3} [ :0-9]{11} [._[:alnum:]-]+ avahi-daemon\[[0-9]+\]: Invalid
response packet from host
[[:digit:]]+.[[:digit:]]+.[[:digit:]]+.[[:digit:]]+.$
The first rule I found on the web. The 2nd one I created myself, to
try and stop these messages:
Jun 7 11:45:13 xxxxx avahi-daemon[10133]: Invalid response packet from
host 198.125.177.241.
But while the first rule is working, the 2nd doesn't seem to be
working. Any ideas why? Thanks. - Mark
More information about the Logcheck-users
mailing list