[Logcheck-devel] rsync rule problem...

Kristoffer Egefelt Tue, 09 Feb 2010 03:32:24 -0800

Hi,

Running logcheck 1.3.6 on debian lenny.


Getting lines like these every hour:

Feb  9 12:01:02 net-bk01 rsyncd[12243]: rsync to 
itoc/bk/net-admin01.domain.com/2010-02-09-05:00:01/var/ from UNKNOWN (9.9.9.9)

while having this in /etc/logcheck/ignore.d.server/rsync:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: rsync (to|on) 
[[:alnum:]/._-:]+ from [...@._[:alnum:]-]+ \([0-9.]{7,15}\)$

Funny thing is when running manually:

su -s /bin/bash -c "nice -n10 /usr/sbin/logcheck -o -t" logcheck

produces no output.

Somebody have a clue?

Thanks :-)

Regards
Kristoffer
_______________________________________________
Logcheck-devel mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel

[Logcheck-devel] rsync rule problem...

Reply via email to