Skip to content
/ logcheck-extrarules Public
forked from ties/logcheck-extrarules

Extra rules for logcheck http://logcheck.org/ that clean up your inbox by adding some opinionated/sensible rules

1 star 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TheCreeper/logcheck-extrarules

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

203 Commits
ignore.d.server
ignore.d.server
 
 
violations.ignore.d
violations.ignore.d
 
 
README.md
README.md
 
 

Repository files navigation

Testing rules

When developing a regex you probably need to test it more ofthen than you want.

Console

Use the following line to test the logcheck regular expressions. Relevant logfiles (which logcheck checks) are /var/log/auth.log and /var/log/syslog

sed -e 's/[[:space:]]*$//' /var/log/syslog | egrep ''

The documentation at bluelightav.org uses a different method. The regex is stored in a file to prevent possible mangling by the shell;

  • save the regex in [file]
  • egrep --file [file] /var/log/syslog

Contributions

This repository contains rules contributed by others. If you want a rule to be added or consider some rules too lenient, please let me know. These logcheck rules keep my inbox (a bit) quieter.

Contributions by:

  • asgh
  • felixvictor
  • TheCreeper (pull request, and his fork have been merged into this repo)
  • ties

About

Extra rules for logcheck http://logcheck.org/ that clean up your inbox by adding some opinionated/sensible rules

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published