logcheck driving me nuts

To: debian-user@lists.debian.org
Subject: logcheck driving me nuts
From: Pim Bliek <pim@pingwings.nl>
Date: Sun, 2 Apr 2006 17:35:06 +0200
Message-id: <[🔎] 1125E4DB-2ABF-4166-99B5-A4C80CF3D23D@pingwings.nl>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi list

Logcheck is driving me NUTS. I'm not a regular expression guru sohere's my problem:

Every hour I run a script to kick out ssh brute force script kiddies.This generates the following in syslog:Apr 2 17:01:01 zenggi2 /USR/SBIN/CRON[29227]: (root) CMD (ruby /root/autodeny.rb )

Every hour logcheck likes to send me an email with only this line. SoI went to /etc/logcheck/ignore.d.server/cron and put this in:

^[[:alnum:]-]+autodeny[[:alnum:]-]+$

Which does not work.

Can someone please help me with a regexp that just works? I am notsuch a whizard with the logcheck regexp format..


Pim



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFEL+8rmoeJL6drT3wRAvlvAKCVFamsCj83HDZp0mRadqaE16uL1wCfVBCQ
BdHROQGaPTuLqLDFU0C3nsY=
=nrdl
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: logcheck driving me nuts
  - From: Oliver Jato <oliver.jato@gmx.de>
- Re: logcheck driving me nuts
  - From: diswill <david@diswill.homeip.net>
- Re: logcheck driving me nuts
  - From: Florian Kulzer <florian@molphys.leidenuniv.nl>

Prev by Date: wpasupplicant_0.4.8-1 problem
Next by Date: Xeon processors
Previous by thread: Re: wpasupplicant_0.4.8-1 problem
Next by thread: Re: logcheck driving me nuts
Index(es):
- Date
- Thread