also sprach Stefan Schlesinger <[EMAIL PROTECTED]> [2006.11.22.1439 +0100]: > first test results from our system show that two more > common log entries are not ignored by logcheck: > > Nov 22 14:24:29 imapsrv dovecot: auth(default): client in: CONT<hidden> > Nov 22 14:24:29 imapsrv dovecot: auth(default): client out: CONT 1 > AAa0a000aaA0
Please try this patch:
Index: rulefiles/linux/ignore.d.server/dovecot
===================================================================
--- rulefiles/linux/ignore.d.server/dovecot (revision 1382)
+++ rulefiles/linux/ignore.d.server/dovecot (working copy)
@@ -15,3 +15,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\(-_.[[:alnum:]]+\):
(pg|my)sql: Connected to [-_.[:alnum:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: \(pam_unix\) check
pass; user unknown$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ deliver\([EMAIL
PROTECTED]:alnum:]]+\): msgid=<[^[:space:]]+>: saved mail to [-_.[:alnum:]]+$
+# see #396760
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client
in: AUTH
[[:digit:]]+[[:space:]]+(PLAIN|plain|LOGIN|login|(CRAM|DIGEST)-MD5|(cram|digest)-md5)[[:space:]]+service=IMAP[[:space:]]+(secured
)?lip=[.:[:xdigit:]]+[[:space:]]+rip=[.:[:xdigit:]]+[[:space:]]+resp=<hidden>$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client
in: CONT<hidden>
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client
out: CONT[[:space:]]+[[:digit:]]+[[:space:]]+[[:alnum:]]+$
--
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
signature.asc
Description: Digital signature (GPG/PGP)
_______________________________________________ Logcheck-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel
