Hello!
For many years I've been using the security/logcheck port for monitoring
my system logs. Majority of this time it's been logcheck 1.1.1, but now I
installed a new server and with it came my first experience with logcheck
1.2.54 which now seems to be maintained by Debian. The configuration has
changed quite thoroughly, but I have no problem with that, if only I could
get it all to work...
The short summary of my problem is that I can't get logcheck to ignore any
messages that I don't want reported. In my case these messages appear
under "System Events" section in the logfile, so my understanding is that
putting the matching regexes into ignore.d.server/local should filter them
out. But it doesn't.
I've verified all my regexes with egrep as directed in logcheck
documentation and they are processed correctly. I've tried running
'logcheck -d' from command line and it seems to process all the
configuration files (including my local rules file), but it doesn't give
me any indication why it chooses to ignore my regexes.
At this point my question is whether anyone at all has gotten this to work
on FreeBSD or should I start looking for a replacement for logcheck
(recommendations welcome)?
--
Toomas Aas
... Bugs are Sons of Glitches!
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
