Package: Logcheck Version: 1.2.54 Distro: Debian Etch (stable) Kernel: 2.6.18-5-686 #1 SMP
I'm trying to force logcheck (reportlevel=server) to ignore smbd_audit logs. smbd_audit is a vfs module of samba. It writes logs into /var/log/syslog file. Typical log looks like this: Oct 24 08:36:14 server4 smbd_audit: Documents|Johnson|192.168.50.19|unlink ok|Projects/doc1.pdf I've added the simplest rule I guess: ^.*smbd_audit.*$ to these files: /etc/logcheck/violations.ignore.d/logcheck-samba /etc/logcheck/ignore.d.server/samba ..but logcheck doesn't want to ignore logs with "smbd_audit". On the other hand - logcheck "ignore" works fine for many other of my regexp rules... Regards, -- Marcin Kuras -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
