I have since added a few more filtering rules for harmless messages to
my local-hostapd:
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ hostapd: [[:alnum:]]+: STA
([0-9a-f]{2}:){5}[0-9a-f]{2} IEEE 802\.11: disassociated$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ hostapd: [[:alnum:]]+: STA
([0-9a-f]{2}:){5}[0-9a-f]{2} IEEE 802\.11: disassociated due to inactivity$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ hostapd: [[:alnum:]]+: STA
([0-9a-f]{2}:){5}[0-9a-f]{2} IEEE 802\.11: deauthenticated due to
inactivity$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ hostapd: [[:alnum:]]+: STA
([0-9a-f]{2}:){5}[0-9a-f]{2} WPA: received EAPOL-Key 2/4 Pairwise with
unexpected replay counter$
These might also come in handy for "/etc/logcheck/ignore.d.server/hostapd".
Cheers
- gabe
_______________________________________________
Logcheck-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/logcheck-devel
