diff options
| author | Stefan Kangas <skangas@skangas.se> | 2010-11-10 22:24:01 +0100 |
|---|---|---|
| committer | Stefan Kangas <skangas@skangas.se> | 2010-11-10 22:24:01 +0100 |
| commit | acb3db14391069a3b0f4fb4a46d9b5efeca3007b (patch) | |
| tree | 0c68bcea2a170f4941828c7e93984af3d1f0b1ec | |
| parent | 95ee305d85a1c2ebc1b95e5f947831f75bd5b4de (diff) | |
Add logcheck rules to ignore rsyslog status messages.
| -rw-r--r-- | fri-epost-docs.org | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fri-epost-docs.org b/fri-epost-docs.org index 83ba401..fa6f7b1 100644 --- a/fri-epost-docs.org +++ b/fri-epost-docs.org @@ -81,7 +81,10 @@ We welcome all critisism, suggestions for improvements, additions etc. Please s + ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: disconnected by user$ + - /etc/logcheck/ignore.d.server/rsyslog [until rsyslog 4.2.0-2 hits stable] + ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel:( \[[[:digit:]]+\.[[:digit:]]+\])? imklog [0-9.]+, log source = /proc/kmsg started.$ + ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] restart$ ** Configuring aptitude and friends We're going for a setup where we install many security updates automatically using the package "unattended-upgrades". Automated upgrades are in general not a very good idea, but "unattended-upgrades" takes steps to minimize the issues with this kind of setup. Given the Debian security teams track record we believe the positives outweigh the negatives. |