authorGuilhem Moulin <guilhem.moulin@ens-lyon.org>2012-11-13 21:44:33 +0100
committerGuilhem Moulin <guilhem.moulin@ens-lyon.org>2012-11-13 21:44:33 +0100
commitf503454e89f3f3b8a21589906b4d43cd0f73e420 (patch)
tree2e3df62f504f1c8a353b0b33339c324710d629d0
parentf1ad520673d16854d3d3b81723bf07bd68a5160f (diff)
Fixed logcheck
-rw-r--r--fripost-docs.org16
1 files changed, 12 insertions, 4 deletions
diff --git a/fripost-docs.org b/fripost-docs.org
index f89f344..d73b83f 100644
--- a/fripost-docs.org
+++ b/fripost-docs.org
@@ -150,9 +150,9 @@ sudo aptitude install logcheck syslog-summary
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: TIMEOUT: dns.loopia.se after 120 seconds$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:80 socket: IO::Socket::INET: Bad hostname 'dns.loopia.se'$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:80 socket: IO::Socket::INET: connect: Connection timed out$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: SSL connect attempt failed because of handshake problemserror:00000000:lib(0):func(0):reason(0) IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: SSL connect attempt failed with unknown errorerror:00000000:lib(0):func(0):reason(0) IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: Timeout IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: SSL connect attempt failed because of handshake problemserror:00000000:lib\(0\):func\(0\):reason\(0\) IO::Socket::INET configuration failederror:00000000:lib\(0\):func\(0\):reason\(0\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: SSL connect attempt failed with unknown errorerror:00000000:lib\(0\):func\(0\):reason\(0\) IO::Socket::INET configuration failederror:00000000:lib\(0\):func\(0\):reason\(0\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: connect: Connection timed out IO::Socket:: INET configuration failederror:00000000:lib\(0\):func\(0\):reason\(0\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: file /var/cache/ddclient/ddclient.cache, line [0-9]+: Invalid Value for keyword 'ip' = ''$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: updating [._[:alnum:]-]+: nochg: No update required; unnecessary attempts to change to the current address are considered abusive$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: [.0-9]{7,15} interface [.0-9]{7,15} -> [.0-9]{7,15}$
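Review bot: The third added rule (the `connect: Connection timed out` one) contains `IO::Socket:: INET` with a space after the second `::`, whereas the two rules added just above it and the removed `Timeout` rule all spell it `IO::Socket::INET`. If ddclient logs the name without the space, as the sibling rules suggest, this pattern never matches and the timeout warning keeps appearing in the logcheck report. The fragment should then read `IO::Socket::INET configuration failed`. The rule list this hunk edits starts and ends outside the hunk.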
@@ -161,12 +161,19 @@ sudo aptitude install logcheck syslog-summary
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(smtpd|cleanup|trivial-rewrite|postmap)\[[0-9]+\]: warning: dict_ldap_open: /etc/postfix/ldap/ldap_virtual_alias_catchall_maps.cf: Fixed query_filter \(\&\(ObjectClass=virtualAliases\)\(mailLocalAddress=\)\(isActive=TRUE\)\) is probably useless$
# | Untrusted connections should be taken care of on the client's side.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: Untrusted TLS connection established from
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [._[:alnum:]-]+\[[0-9.:]+\]: (Unt|T)rusted: subject_CN=.*, issuer=.*, fingerprint=
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [._[:alnum:]-]+\[[:[:xdigit:].]+\]: (Unt|T)rusted: subject_CN=.*, issuer=.*, fingerprint=
# | Postfix reload
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/postfix-script\[[[:digit:]]+\]: refreshing the Postfix mail system$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/master\[[[:digit:]]+\]: reload -- version
# | slapo-constraint ignores slapd's logging configuration
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ slapd\[[[:digit:]]+\]: constraint_update\(\)$
+# | On the MXs only: Servers that don't speak proper (E)SMTP don't deserve to be listened.
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: improper command pipelining after (EHLO|DATA) from [._[:alnum:]-]+\[[:[:xdigit:].]+\]$
+# | On the MXs only: Poorly configured server certificates will be ignored and the connection will back as untrusted.
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: certificate verification failed for [._[:alnum:]-]+\[[:[:xdigit:].]+\]: not designated for use as a client certificate$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: client certificate verification failed for [._[:alnum:]-]+\[[:[:xdigit:].]+\]: certificate has expired$
+# | On Benjamin
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? usb [[:digit:]]+-[.[:digit:]]+: (new|reset) (low|full|high) speed USB device using ([_[:alnum:]-]+ and )?address [[:digit:]]+$
** Configuring aptitude and friends
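Review bot: The rules added under `# | On the MXs only` and `# | On Benjamin` are host-specific but sit in the same list as the general rules, so a host that takes the whole list also stops reporting client-certificate verification failures and newly attached USB devices. Both are events an operator may want to see elsewhere: certificate failures matter on any host that relies on client certificates, and `new ... speed USB device` on a server can indicate physical access. I would keep them in separate per-host rule lists, and, if the noise on Benjamin comes from resets only (not visible here), narrow `(new|reset)` to `reset`. The second comment is also hard to read; `# | On the MXs only: badly configured client certificates are ignored and the connection falls back to untrusted.` would be clearer. The list starts outside the hunk.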
@@ -2131,6 +2138,7 @@ Finally, we need a new set of rules for logcheck:
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix-lists/n?qmgr\[[[:digit:]]+\]: [[:alnum:]]+: message-id=(<?[^[:space:]]+>?)?( \(added by [^[:space:]]+\))?$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix-lists/n?qmgr\[[[:digit:]]+\]: [[:alnum:]]+: removed$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix-lists/n?qmgr\[[[:digit:]]+\]: [[:alnum:]]+: skipped, still being delivered$
+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix-lists/trivial-rewrite\[[[:digit:]]+\]: table cdb:/etc/postfix-lists/(:?mailman|schleuder)/transport\([-,|_[:alnum:]]+\) has changed -- restarting$
(We could use the whole /etc/logcheck/ignore.d.server/postfix, but it's better to
stick to the smallest rule set.)
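Review bot: In the added trivial-rewrite rule, `(:?mailman|schleuder)` looks like a mistyped non-capturing group `(?:...)`. As written, `:?` is an optional literal colon, so the rule still matches both paths but also accepts `:mailman`. logcheck rules are, as far as I know, POSIX extended regular expressions, where `(?:` is not available anyway, so a plain group `(mailman|schleuder)` says what is meant. The rule list starts outside the hunk.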