Subject: logcheck-database: Tweak to dovecot rules to ignore managesieve logout Package: logcheck-database Version: 1.3.13 Severity: minor
*** Please type your report below this line *** Modification to existing rule to ignore harmless syslog messages like the following: Aug 15 11:13:14 azathoth dovecot: MANAGESIEVE(gturner): Disconnected: Logged out bytes=159702/16449 -- System Information: Debian Release: 6.0.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash -- Configuration Files: -- no debconf information -- Gerald Turner Email: [email protected] JID: [email protected] GPG: 0xFA8CD6D5 21D9 B2E8 7FE7 F19E 5F7D 4D0C 3FA0 810F FA8C D6D5
--- dovecot.orig 2011-08-15 11:51:48.775348529 -0700
+++ dovecot 2011-08-15 11:59:56.014955392 -0700
@@ -23,4 +23,4 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client out: CONT[[:space:]]+[[:digit:]]+[[:space:]]+[[:alnum:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: ssl-build-param: SSL parameters regeneration completed$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: managesieve-login: Login: user=<[._[:alnum:]-]+>, method=[[:alnum:]-]+, rip=[.:[:digit:]]+, lip=[.:[:digit:]]+, (TLS( handshake)?|secured)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: MANAGESIEVE\([._[:alnum:]-]+\): Connection closed( bytes=[[:digit:]]+/[[:digit:]]+)?$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: MANAGESIEVE\([._[:alnum:]-]+\): (Connection closed|Disconnected: Logged out)( bytes=[[:digit:]]+/[[:digit:]]+)?$
pgpLER3rwwUrU.pgp
Description: PGP signature
_______________________________________________ Logcheck-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/logcheck-devel
