Your message dated Sun, 29 Dec 2024 21:52:33 +0000 with message-id <caj3buorqcuu5zojhdcssolvie1qcmht6p0jf1gbzcv4hqw9...@mail.gmail.com> and subject line Re: ignore individual entries but write summaries has caused the Debian Bug report #583600, regarding ignore individual entries but write summaries to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 583600: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583600 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---package: logcheck severity: wishlist Hi, I often add logcheck ignore rules for security related events (like ssh login attemps. etc), cause they are too many and login is protected reasonably anyway. But then I would like to get summaries for some ignored patterns, probably one mail per host day. Do you think thats a reasonable feature request? cheers, Holger
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---On Sun, 12 May 2024 15:19:23 +0100 Richard Lewis <[email protected]> wrote: > On Fri, 28 May 2010 19:04:17 +0200 Holger Levsen <[email protected]> > wrote: > > > I often add logcheck ignore rules for security related events (like ssh > > login > > attemps. etc), cause they are too many and login is protected reasonably > > anyway. > > > > But then I would like to get summaries for some ignored patterns, probably > > one > > mail per host day. > > > > Do you think thats a reasonable feature request? > > This is already possible, maybe that's why no-one replied for 15 > years. Simply create a command called syslog-summary and tell logcheck > to use it (via the setting in logcheck.conf) > > Think we should close this bug on that basis > > it would be better to develop such a summarising programme outside > logcheck as it's a whole other project to work out what to summarise, > and how to present the results - you'd need a lot of flexibility to > please everyone, i suspect. There was packaged version called > syslog-summary some releases ago, but no-one maintained it and it was > removed from Debian. but the code to use it remains in logcheck. syslog-summary is now back in debian since Nov 2024!, see https://tracker.debian.org/pkg/syslog-summary so closing this logcheck bug - logcheck can call syslog-summary and, i assume, that will do any summarising people want If logcheck needs more support for this (it shouldnt? but i didnt test), please open a new bug
--- End Message ---
