Package: logcheck-database Version: 1.3.24 Followup-For: Bug #1020827 X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer, same here, I've patched it locally and just wanted to supply the patch. Hmm, I've just noticed, there actually already seems to be one. I send this nonetheless. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.0-2-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
diff -ru /var/tmp/bugs/logcheck/ignore.d.server/anon-proxy /etc/logcheck/ignore.d.server/anon-proxy --- /var/tmp/bugs/logcheck/ignore.d.server/anon-proxy 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/anon-proxy 2022-07-14 22:09:03.000000000 +0200 @@ -1,2 +1,2 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +Try connecting to next Mix\.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +connected\!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +connected!$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/cyrus /etc/logcheck/ignore.d.server/cyrus --- /var/tmp/bugs/logcheck/ignore.d.server/cyrus 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/cyrus 2022-07-14 22:09:03.000000000 +0200 @@ -2,5 +2,5 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT failed( to open index file)?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT returned [0-9]+ messages$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/lmtpd\[[0-9]+\]: DBERROR db3: [12] lockers$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, , [^[:space:]]+, [^[:space:]]+, \"[ [:alnum:][:punct:]]+\"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, , [^[:space:]]+, [^[:space:]]+, "[ [:alnum:][:punct:]]+"$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/squatter\[[0-9]+\]: (skipping|indexing) mailbox [[:alpha:]^\.]+\.\.\.$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/dhcp /etc/logcheck/ignore.d.server/dhcp --- /var/tmp/bugs/logcheck/ignore.d.server/dhcp 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/dhcp 2022-07-14 22:09:03.000000000 +0200 @@ -39,9 +39,9 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: TLS session successfully started to [:_.[:alnum:]-]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Successfully logged into LDAP server [._[:alnum:]-]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Found dhcpServer LDAP entry|LDAP: Parsing dhcpServer options|LDAP: Parsing dhcpService DN|Found LDAP entry|Parsing external DNs for) '[%=.,_[:alnum:]-]+'( \.\.\.)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No host entry) for \(\&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet [[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\) in LDAP tree [=,.[:alnum:]]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No host entry) for \(&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet [[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\) in LDAP tree [=,.[:alnum:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Found dhcpHWAddress LDAP entry [-_=,.[:alnum:]]+$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the following options: '(filename \"[.[:alnum:]]+\"|(fixed-address|next-server) [.[:digit:]]{7,15}|;#012)+'$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the following options: '(filename "[.[:alnum:]]+"|(fixed-address|next-server) [.[:digit:]]{7,15}|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line '(allow booting|allow bootp|ddns-update-style (ad-hoc|interim|none)|(default|max|min)-lease-time [[:digit:]]+|authoritative|option domain-name "[._[:alnum:]-]+"|option domain-name-servers [._,[:alnum:][:space:]-]+|option subnet-mask [.[:digit:]]{7,15}|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line '((subnet|netmask|option routers|option subnet-mask) [.[:digit:]]{7,15}|(default|max|min)-lease-time [[:digit:]]+|[[:space:]]|\{#012|\}#012|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line 'pool (range [.[:digit:]]{7,15} [.[:digit:]]+|(default|min|max)-lease-time [[:digit:]]+|failover peer "[-._[:alnum:]]+"|deny dynamic bootp clients|[[:space:]]|\{#012|\}#012|;#012)+'$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/dovecot /etc/logcheck/ignore.d.server/dovecot --- /var/tmp/bugs/logcheck/ignore.d.server/dovecot 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/dovecot 2022-07-14 22:09:03.000000000 +0200 @@ -5,7 +5,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: \(pam_unix\) check pass; user unknown$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_unix\(dovecot:[[:alnum:]]+\): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=([-_.@[:alnum:]]+)? rhost=([.:[:xdigit:]]+)?( user=[-_.@[:alnum:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_unix\(dovecot:[[:alnum:]]+\): check pass; user unknown$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_ldap: error trying to bind as user \".*\" \(Invalid credentials\)$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_ldap: error trying to bind as user ".*" \(Invalid credentials\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (imap|pop3)-login: Login: [.[:alnum:]@-]+ \[[.:[:xdigit:]]+\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Aborted login( \([[:digit:]]+ authentication attempts\))?: (user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, )?rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: (Disconnected|Aborted login)(: Inactivity)? (\(no auth attempts\):|\(auth failed, [[:digit:]]+ attempts\): user=<[-_.@[:alnum:]]+>, method=PLAIN,|\(aborted authentication\): method=PLAIN,) rip=[.[:digit:]]+, lip=[.[:digit:]]+, (TLS|SSL)(( handshaking)?(: Disconnected)?|: SSL_read\(\) syscall failed: Connection reset by peer)?$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/hylafax /etc/logcheck/ignore.d.server/hylafax --- /var/tmp/bugs/logcheck/ignore.d.server/hylafax 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/hylafax 2022-07-14 22:09:03.000000000 +0200 @@ -5,13 +5,13 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxGetty\[[0-9]+\]: RECV FAX \([0-9]+\): from.+, page [0-9]+ in [0-9:]+, INF, [0-9.]+ line/mm, [12]-D M.+, [0-9]+ bit/s$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxGetty\[[0-9]+\]: RECV FAX \([0-9]+\): recvq/fax[0-9]+.tif from .+ route to .+, [0-9]+ pages in [0-9:]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxGetty\[[0-9]+\]: RECV FAX: bin/faxrcvd "recvq/fax[0-9]+.tif" "[^[:space:]]+" "[0-9]+" "" "" ""$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: FIFO RECV \"Sclient/[[:digit:]]+:[[:digit:]]+\"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: FIFO RECV "Sclient/[[:digit:]]+:[[:digit:]]+"$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: JOB [0-9]+ \(failed dest \+[[:digit:]]+ pri [0-9]+ tts [:0-9]{4,5} killtime [:0-9]{7,8}\): (DEAD|DELETE|SEND DONE: [:0-9]{4,5})$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: JOB [[:digit:]]+ \((ready|active) dest [[:digit:]\+]+ pri [[:digit:]]+ tts [[:digit:]]+:[[:digit:]]+ killtime [[:digit:]]+:[[:digit:]]+:[[:digit:]]+\): (READY|PROCESS|ACTIVE|PREPARE START)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: MODEM .*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: NOTIFY exit status: 0 \([[:digit:]]+\)$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: NOTIFY: bin/notify \"doneq/q[[:digit:]]+\" \"done\" \"[[:digit:]]+:[[:digit:]]{2}\"$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: NOTIFY: bin/notify \"doneq/q[[:digit:]]+\" \"failed\" \"[:0-9]{4,5}\"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: NOTIFY: bin/notify "doneq/q[[:digit:]]+" "done" "[[:digit:]]+:[[:digit:]]{2}"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: NOTIFY: bin/notify "doneq/q[[:digit:]]+" "failed" "[:0-9]{4,5}"$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: STATE CHANGE: RUNNING -> LOCKWAIT \(timeout [[:digit:]]+\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxQueuer\[[0-9]+\]: SUBMIT JOB [[:digit:]]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ FaxSend\[[0-9]+\]: SEND FAX: JOB [[:digit:]]+ DEST [ [:digit:]()-]+ COMMID \w+ DEVICE '[/[:alnum:]]+'$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/innd /etc/logcheck/ignore.d.server/innd --- /var/tmp/bugs/logcheck/ignore.d.server/innd 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/innd 2022-07-14 22:09:03.000000000 +0200 @@ -2,7 +2,7 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (rnews|innd|batcher): Reading config from /etc/news/inn\.conf$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ batcher\[[0-9]+\]: batcher [[:alnum:]]+ stats batches [0-9]+ articles [0-9]+ bytes [0-9]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ batcher\[[0-9]+\]: batcher [[:alnum:]]+ times user [.0-9]+ system [.0-9]+ elapsed [.0-9]+$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cnfsstat\[[0-9]+\]: Class (ARCHIV|SPOOL) for groups matching \"[^[:space:]]+\" Buffer (ARCH|SPOOL)[0-9]+, len: [0-9]+ Mbytes, used: [0-9]+\.[0-9]+ Mbytes \([0-9 ]+\.[0-9]%\) [ 0-9]+ cycles$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cnfsstat\[[0-9]+\]: Class (ARCHIV|SPOOL) for groups matching "[^[:space:]]+" Buffer (ARCH|SPOOL)[0-9]+, len: [0-9]+ Mbytes, used: [0-9]+\.[0-9]+ Mbytes \([0-9 ]+\.[0-9]%\) [ 0-9]+ cycles$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: ME HISstats [0-9]+ hitpos [0-9]+ hitneg [0-9]+ missed [0-9]+ dne$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: ME time [0-9]+ hishave [0-9]+\([0-9]+\) hiswrite [0-9]+\([0-9]+\) hissync [0-9]+\([0-9]+\) idle [0-9]+\([0-9]+\) artclean [0-9]+\([0-9]+\) artwrite [0-9]+\([0-9]+\) artcncl [0-9]+\([0-9]+\) hishave/artcncl [0-9]+\([0-9]+\) his(grep|write)/artcncl [0-9]+\([0-9]+\) artlog/artcncl [0-9]+\([0-9]+\) his(write|grep)/artcncl [0-9]+\([0-9]+\) sitesend [0-9]+\([0-9]+\) overv [0-9]+\([0-9]+\) perl [0-9]+\([0-9]+\) nntpread [0-9]+\([0-9]+\) artparse [0-9]+\([0-9]+\)( artlog/artparse [0-9]+\([0-9]+\))? artlog [0-9]+\([0-9]+\) datamove [0-9]+\([0-9]+\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: SERVER (servermode|flushlogs) (running|paused)$ @@ -13,7 +13,7 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+ connected [0-9]+ streaming allowed$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+ flush$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+ opened [^[:space:]]+$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+:[0-9]+ NCmode \"mode stream\" received$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+:[0-9]+ NCmode "mode stream" received$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+:[0-9]+ inactive [0-9]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [._[:alnum:]-]+:[0-9]+ readclose$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ innd: [[:alpha:]]:?$ @@ -35,7 +35,7 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: Auth strategy '[[:alnum:]]+' does not match client\. Removing\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: Reading access from /etc/news/readers\.conf$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: SERVER perl filtering enabled$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [._[:alnum:]-]+ (no_)?match_user [<>_[:alnum:]-]+(@[._[:alnum:]-]+)? [<>,_,\*,\![:alnum:][:punct:]-]+$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [._[:alnum:]-]+ (no_)?match_user [<>_[:alnum:]-]+(@[._[:alnum:]-]+)? [<>,_,\*,![:alnum:][:punct:]-]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [._[:alnum:]-]+ Tracking Disabled \(unknown\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [._[:alnum:]-]+ \([.0-9]+\) connect$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nnrpd\[[0-9]+\]: [._[:alnum:]-]+ \(unknown\) posttrack ok [[:graph:]]+<[[:graph:]]+@[._[:alnum:]-]+>$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/nagios /etc/logcheck/ignore.d.server/nagios --- /var/tmp/bugs/logcheck/ignore.d.server/nagios 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/nagios 2022-07-14 22:09:03.000000000 +0200 @@ -19,5 +19,5 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE FLAPPING ALERT: [._[:alnum:]-]+;[._[:alnum:]-]+;(STARTED|STOPPED); Service appears to have (started|stopped) flapping \([[:digit:].]+% change (<|>=?) [.[:digit:]]+% threshold\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;(ACKNOWLEDGEMENT \()?(CRITICAL|WARNING|OK|UNKNOWN)(\))?;.*$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;CRITICAL;.*$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: Warning: Host '[[:alnum:]]+' has no services associated with it\!$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: Warning: Host '[[:alnum:]]+' has no services associated with it!$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: Warning: The results of service '[ [:alnum:][:punct:]]+' on host '[._[:alnum:]-]+' are stale by [[:digit:]]+ seconds \(threshold=[[:digit:]]+ seconds\). I'm forcing an immediate check of the service\.$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/perdition /etc/logcheck/ignore.d.server/perdition --- /var/tmp/bugs/logcheck/ignore.d.server/perdition 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/perdition 2022-07-14 22:09:03.000000000 +0200 @@ -1,4 +1,4 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Connect: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Auth: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} user=\"[[:alnum:]+[:punct:]+]+\" server=\"[[:alnum:]+[:punct:]]+\" port=\"[0-9]+\" status=\"ok\"$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Close: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} user=\"[[:alnum:]+[:punct:]+]+\" received=[0-9]+ sent=[0-9]+$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Auth: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} user="[[:alnum:]+[:punct:]+]+" server="[[:alnum:]+[:punct:]]+" port="[0-9]+" status="ok"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Close: [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}->[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} user="[[:alnum:]+[:punct:]+]+" received=[0-9]+ sent=[0-9]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ perdition\[[0-9]+\]: Closing NULL session: [.0-9]{7,15}->[.0-9]{7,15} username=\(null\)$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/qpopper /etc/logcheck/ignore.d.server/qpopper --- /var/tmp/bugs/logcheck/ignore.d.server/qpopper 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/qpopper 2022-07-14 22:09:03.000000000 +0200 @@ -1,6 +1,6 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: connect from [._[:alnum:]-]+$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: \(v[.[:digit:]]+\) POP login by user \"[@._[:alnum:]-]+\" at \([._[:alnum:]-]+\) [.[:digit:]]+ \[pop_log.c:244\]$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: \(v[.[:digit:]]+\) POP login by user "[@._[:alnum:]-]+" at \([._[:alnum:]-]+\) [.[:digit:]]+ \[pop_log.c:244\]$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: \[drac\]: login by [@._[:alnum:]-]+ from host [._[:alnum:]-]+ \([.[:digit:]]+\) \[drac.c:[0-9]+\]$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: [@._[:alnum:]-]+ at [._[:alnum:]-]+ \([.[:digit:]]+\): -ERR Message [[:digit:]]+ does not exist. \[pop_send.c:289\]$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: ([@._[:alnum:]-]+|\(null\)) at [._[:alnum:]-]+ \([.[:digit:]]+\): -ERR Unknown command: \"[[:alnum:]]+\". \[pop_get_command.c:152\]$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: ([@._[:alnum:]-]+|\(null\)) at [._[:alnum:]-]+ \([.[:digit:]]+\): -ERR Unknown command: "[[:alnum:]]+". \[pop_get_command.c:152\]$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: \(v[.[:digit:]]+\) Unable to get canonical name of client [.[:digit:]]+: Name or service not known \(-2\) \[pop_init.c:1196\]$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/samba /etc/logcheck/ignore.d.server/samba --- /var/tmp/bugs/logcheck/ignore.d.server/samba 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.server/samba 2022-07-14 22:09:03.000000000 +0200 @@ -5,7 +5,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: +dump workgroup on subnet +(UNICAST_SUBNET|[[:digit:]\.]+): netmask= +[[:digit:]\.]+:$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: +dump_workgroups\(\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: .* find_.*$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: \[[[:digit:] \/:,]+\] nmbd/nmbd.c:process\([[:digit:]]+\)$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: \[[[:digit:] \/:,]+\] nmbd/nmbd_workgroupdb.c:dump_workgroups\([[:digit:]]+\)$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: \[[[:digit:] /:,]+\] nmbd/nmbd.c:process\([[:digit:]]+\)$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]: \[[[:digit:] /:,]+\] nmbd/nmbd_workgroupdb.c:dump_workgroups\([[:digit:]]+\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nmbd\[[[:digit:]]+\]:[[:space:]]+Got SIGHUP dumping debug info\.$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ [ns]mbd\[[[:digit:]]+\]: connect from$ diff -ru /var/tmp/bugs/logcheck/ignore.d.workstation/kernel /etc/logcheck/ignore.d.workstation/kernel --- /var/tmp/bugs/logcheck/ignore.d.workstation/kernel 2022-07-14 22:09:03.000000000 +0200 +++ /etc/logcheck/ignore.d.workstation/kernel 2022-07-14 22:09:03.000000000 +0200 @@ -65,7 +65,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? sd [:[:digit:]]+: \[sd[a-z]\] Assuming drive cache: write through$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? sd [:[:digit:]]+: \[sd[a-z]\] Spinning up disk\.\.\.\.ready$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? [[:space:]]*sd[a-z]:( sd[a-z][[:digit:]]+)*$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? sr[[:digit:]]+: [^[:space:]]+ drive(: [ \/[:alnum:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? sr[[:digit:]]+: [^[:space:]]+ drive(: [ /[:alnum:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? +Type: +[^[:space:]]+ +ANSI SCSI revision: [[:digit:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? (sr [:[:digit:]]+: )?Attached scsi CD-ROM sr[[:digit:]]+( at scsi[[:digit:]], channel [[:digit:]], id [[:digit:]], lun [[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ scsi.agent\[[[:digit:]]+\]: (disk|cdrom) at [\./:[:alnum:]-]+$ @@ -92,7 +92,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? cdc_acm [-:[:digit:].]+ ttyACM[[:digit:]]: USB ACM device$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? drivers/usb/serial/pl2303.c: Prolific PL2303 USB to serial adaptor driver v[.[:digit:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? Bluetooth: HCI USB driver ver [.[:digit:]]+$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? drivers\/usb\/class\/audio\.c: v[.[:digit:]]+:USB Audio Class driver$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? drivers/usb/class/audio\.c: v[.[:digit:]]+:USB Audio Class driver$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? usbaudio: assuming that a stereo channel connected directly to a mixer is missing in search \(got .*\?\)\. Should be fine\.$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? usbaudio: constructing mixer for Terminal [[:digit:]]+ type 0x[[:digit:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? usbaudio: device [[:digit:]] audiocontrol interface [[:digit:]] has [[:digit:]] input and [[:digit:]] output AudioStreaming interfaces$