Package: logcheck
Version: 1.2.69
Severity: normal
Tags: patch
Logcheck's reports contains many messages like:
Feb 7 19:03:57 srv dhcpd: DHCPREQUEST for 172.21.0.126 from 00:19:7e:9f:cc:32
(Hostname
Unsuitable for Printing) via eth0
Feb 7 19:03:57 srv dhcpd: DHCPACK on 172.21.0.126 to 00:19:7e:9f:cc:32
(Hostname
Unsuitable for Printing) via eth0
I create file /etc/logcheck/ignore.d.server/dhcp.local with two rules and these
messages
now ignored by logcheck. Two my rules:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): (DHCPOFFER|DHCPACK) on
[.0-9]{7,15}
to [:[:alnum:]]+ \([_[:alnum:] -]+\) via [[:alnum:]]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPREQUEST for
[.0-9]{7,15}
(\([.0-9]{7,15}\) )?from [:._[:alnum:]-]+ (\([_[:alnum:] -]+\) )?via
[[:alnum:]-]+$
I propose to insert these rules into (main) /etc/logcheck/ignore.d.*/dhcp
files, patch is
included
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages logcheck depends on:
ii adduser 3.110 add and remove users and groups
ii bsd-mailx [mailx] 8.1.2-0.20071201cvs-3 A simple mail user agent
ii cron 3.0pl1-105 management of regular background p
ii lockfile-progs 0.1.11-0.1 Programs for locking and unlocking
ii logtail 1.2.69 Print log file lines that have not
ii rsyslog [system-lo 3.18.6-4 enhanced multi-threaded syslogd
ii sendmail-bin [mail 8.14.3-5 powerful, efficient, and scalable
Versions of packages logcheck recommends:
ii logcheck-database 1.2.69 database of system log rules for t
Versions of packages logcheck suggests:
pn syslog-summary <none> (no description available)
-- no debconf information
--- dhcp 2009-02-11 16:57:09.000000000 +0500
+++ dhcp.new 2010-02-08 03:50:23.000000000 +0500
@@ -10,6 +10,8 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPOFFER on [.0-9]{7,15}
to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [.[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPREQUEST for
[.0-9]{7,15} (\([.0-9]{7,15}\) )?from [:._[:alnum:]-]+ (\([\(\)._[:alnum:]-]+\)
)?via [.[:alnum:]-]+(: unknown lease [.0-9]{7,15}\.)?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPACK on [.0-9]{7,15}
to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [.[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): (DHCPOFFER|DHCPACK) on
[.0-9]{7,15} to [:[:alnum:]]+ \([_[:alnum:] -]+\) via [[:alnum:]]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPREQUEST for
[.0-9]{7,15} (\([.0-9]{7,15}\) )?from [:._[:alnum:]-]+ (\([_[:alnum:] -]+\)
)?via [[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCP(NAK|RELEASE|INFORM)
(on|from) ([.0-9]{7,15}|[:[:alnum:].]+)$
#Added for dhcp 3
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPDISCOVER from [:[:alnum:]]+
(\([._[:alnum:]-]+\) |)via [.[:alnum:]-]+(: load balance to peer
[._[:alnum:]-]+)?$
_______________________________________________
Logcheck-devel mailing list
Logcheck-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel
