From 718cf66e5b17dca5f8c0d63c9f73fcfcce6a9a8f Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard <dr@jones.dk> Date: Tue, 2 Jul 2002 21:55:48 +0000 Subject: logcheck: Various small tweaks. --- logcheck/ignore.d.server/postfix | 2 +- logcheck/ignore.d.server/postgresql | 2 ++ logcheck/ignore.d.server/tmp | 2 -- logcheck/ignore.d.workstation/local | 2 +- logcheck/violations.ignore.d/temp | 1 - 5 files changed, 4 insertions(+), 5 deletions(-) create mode 100644 logcheck/ignore.d.server/postgresql (limited to 'logcheck') diff --git a/logcheck/ignore.d.server/postfix b/logcheck/ignore.d.server/postfix index 17011f8..93626d3 100644 --- a/logcheck/ignore.d.server/postfix +++ b/logcheck/ignore.d.server/postfix @@ -11,6 +11,6 @@ postfix/smtp\[.*\]: warning: host [\.[:alnum:]-]+\[[\.[:digit:]]+\] (greeted me| postfix/smtpd\[.*\]: (lost connection|timeout) after [^ ]+ from [\.[:alnum:]-]+\[[\.[:digit:]]+\] postfix/smtpd\[.*\]: warning: .*: address not listed for hostname .* postfix/smtpd\[.*\]: warning: .*: hostname [\.[:alnum:]-]+ verification failed: Host (name has no address|not found) -postfix/smtpd\[.*\]: warning: [\.[:alnum:]-]+ sent mail content instead of SMTP command: Subject: [\.[:digit:]]+ +postfix/smtpd\[.*\]: warning: .* sent mail content instead of SMTP command: postfix/postfix-script: refreshing the Postfix mail system postfix/master\[.*\]: reload configuration diff --git a/logcheck/ignore.d.server/postgresql b/logcheck/ignore.d.server/postgresql new file mode 100644 index 0000000..5af6244 --- /dev/null +++ b/logcheck/ignore.d.server/postgresql @@ -0,0 +1,2 @@ +postgres\[.*\]: \[[0-9-]*\] \^ICPU .* sec elapsed .* sec\. +postgres\[.*\]: \[[0-9-]*\] \^ITotal CPU .* sec elapsed .* sec\. diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp index 9724d76..06f2363 100644 --- a/logcheck/ignore.d.server/tmp +++ b/logcheck/ignore.d.server/tmp @@ -57,7 +57,5 @@ snort: spp_portscan: portscan status from snort: WEB-../..: snort: WEB-CGI-upload.pl: postgres\[.*\]: \[.*\] DEBUG: -postgres\[.*\]: \[[0-9-]*\] \^ICPU .* sec elapsed .* sec\. -postgres\[.*\]: \[[0-9-]*\] \^ITotal CPU .* sec elapsed .* sec\. postgres\[.*\]: \[[0-9-]*\] Re-using: Free/Avail. Space .* EndEmpty/Avail\. Pages .* CPU .* sec\. postgres\[.*\]: \[[0-9-]*\] [0-9]*; Re-using: Free/Avail. Space .* EndEmpty/Avail\. Pages .* CPU .* sec\. diff --git a/logcheck/ignore.d.workstation/local b/logcheck/ignore.d.workstation/local index b287dbe..5aed1b0 100644 --- a/logcheck/ignore.d.workstation/local +++ b/logcheck/ignore.d.workstation/local @@ -18,4 +18,4 @@ named\[.*\]: .* All possible .* lame named\[.*\]: ns_forw: sendto.*: Network is unreachable init: Entering runlevel: 2 syslogd started: BusyBox v[\.[:digit:]]+ \(.*\) -rpc.mountd: authenticated mount request from 192\.168\..* for /home/opt/ltsp/i386 (/home/opt/ltsp/i386) +rpc.mountd: authenticated mount request from 192\.168\..* for /home/opt/ltsp/i386 \(/home/opt/ltsp/i386\) diff --git a/logcheck/violations.ignore.d/temp b/logcheck/violations.ignore.d/temp index af8a7ef..27a6957 100644 --- a/logcheck/violations.ignore.d/temp +++ b/logcheck/violations.ignore.d/temp @@ -18,4 +18,3 @@ postfix/smtpd\[.*\]: reject: .*: 550 <.*>: User unknown; .* postfix/smtpd\[.*\]: reject: .*: 554 <.*>: Recipient address rejected: User unknown; .* postfix.*\[.*\]: .* from=<(groove@mailomat.grooveattack.com|refused@maila.com)> snort: spp_http_decode: IIS Unicode attack detected: -postgres\[.*\]: \[.*\] DEBUG: -- cgit v1.2.3