Package: logcheck-database
Version: 1.2.39
Severity: wishlist
The Package mon doens't have any rules yet, but does write to the
syslog.
the problem is that one of the lsit commands triggers the security
violation which it isn't ;-)
mayme it's a good idea to add this to de default list of violation
ignore's
olympos:~# cat /etc/logcheck/violations.ignore.d/local-mon
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mon\[[0-9]+\]: client command "list
failures"$
further i think list command shouldn't be in the system events logs
so we also have this rule file
cat /etc/logcheck/ignore.d.server/local-mon
# matches list commands
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mon\[[0-9]+\]: client command "list [a-z]+"$
# matches the protocol command
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mon\[[0-9]+\]: client command "protid
[0-9]+"$
i hope these rules could make the next release of logcheck even better then it
already is
regards
Robbert Muller
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.11.5-olympos.11
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages logcheck-database depends on:
ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy
-- debconf information:
logcheck-database/rules-directories-note:
logcheck-database/standard-rename-note:
logcheck-database/conffile-cleanup: false
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
