authorJonas Smedegaard <dr@jones.dk>2006-01-02 16:43:22 +0000
committerJonas Smedegaard <dr@jones.dk>2006-01-02 16:43:22 +0000
commit5dc81b491223d69988ff1018758bc3d7f71ab861 (patch)
treea706649589b5ac42065f55c66b2e7829910cf6a6 /logcheck
parenta2063e8dff3b9693a4ee1f5528a82e17f2071163 (diff)
Ignore oidentd failing to locate non-existing user. Ignore remote smtp servers failing to fork.
Diffstat (limited to 'logcheck')
-rw-r--r--logcheck/violations.ignore.d/local2
-rw-r--r--logcheck/violations.ignore.d/oident1
-rw-r--r--logcheck/violations.ignore.d/postfix1
3 files changed, 4 insertions, 0 deletions
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local
index ea3f401..4bdc331 100644
--- a/logcheck/violations.ignore.d/local
+++ b/logcheck/violations.ignore.d/local
@@ -41,6 +41,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ netsaint: HOST ALERT:.*;DOWN;SOFT;.*;CRITICAL.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ netsaint: HOST ALERT:.*;UP;SOFT;.*;PING OK.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ netsaint: Successfully shutdown\.\.\. \(PID=[0-9]+\) $
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: \[[\.0-9]+\] [0-9]+ , 25 : ERROR : NO-USER$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pmud\[[0-9]+\]: Sleep for this PMU unsupported: will shutdown the machine on sleep request$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(local|smtpd)\[[0-9]+\]: warning: [\.0-9]+: hostname [^[:space:]]+ verification failed: Host (name has no address|not found(, try again)?)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(local|smtpd)\[[0-9]+\]: warning: reject: ETRN [^[:space:]]+\.\.\. from [^[:space:]]+\[[\.0-9]+\]$
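Review bot: The oidentd rule added in this hunk is byte-for-byte the line that the same commit puts into the new `violations.ignore.d/oident` file, and the `421 Fork failed` rule is likewise added to both `local` and `violations.ignore.d/postfix`. Unless `local` is generated from the per-service files, each suppression now lives in two places, so tightening or removing one copy later leaves the other silently dropping the same lines from the report. The oidentd pattern is also broad: `\[[\.0-9]+\] [0-9]+ , 25` accepts any source address and any local port. That goes further than the commit message suggests, since every NO-USER reply for a query naming port 25 is hidden, not only replies to known mail peers. If that breadth is intended, say so in a comment next to the rule.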
@@ -56,6 +57,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: certificate verification failed for [^[:space:]]+:( num=10:)?certificate has expired$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection refused|server refused mail service) +\(port 25\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?421 Fork failed +\(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?521 [^[:space:]]+ access denied +\(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: Blocked|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)) +\(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (([\.0-9]+ )?<[^[:space:]]+>: Client host rejected: (No mail accepted from you|Reject Dynamic ip)|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+) +\(port 25\)$
diff --git a/logcheck/violations.ignore.d/oident b/logcheck/violations.ignore.d/oident
new file mode 100644
index 0000000..d1bbf16
--- /dev/null
+++ b/logcheck/violations.ignore.d/oident
@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: \[[\.0-9]+\] [0-9]+ , 25 : ERROR : NO-USER$
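Review bot: The new `oident` file holds a single suppression rule with no comment saying why it is safe to ignore, whereas the `postfix` file in this commit groups its rules under `#` comment lines. A reader auditing what logcheck hides has only the regex to go on. A header such as `# ident queries for port 25 connections that have no owning user (NO-USER)` above the rule would record the intent and make a later review of the ignore list easier.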
diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix
index e7ae14e..dbb2b9f 100644
--- a/logcheck/violations.ignore.d/postfix
+++ b/logcheck/violations.ignore.d/postfix
@@ -15,6 +15,7 @@
# Too much spam refuse to eat their own shit
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection refused|server refused mail service) +\(port 25\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?421 Fork failed +\(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?521 [^[:space:]]+ access denied +\(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: Blocked|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)) +\(port 25\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (([\.0-9]+ )?<[^[:space:]]+>: Client host rejected: (No mail accepted from you|Reject Dynamic ip)|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+) +\(port 25\)$