logcheck driving me nuts
-----BEGIN PGP SIGNED MESSAGE-----
Logcheck is driving me NUTS. I'm not a regular expression guru so
here's my problem:
Every hour I run a script to kick out ssh brute force script kiddies.
This generates the following in syslog:
Apr 2 17:01:01 zenggi2 /USR/SBIN/CRON: (root) CMD (ruby /root/
Every hour logcheck likes to send me an email with only this line. So
I went to /etc/logcheck/ignore.d.server/cron and put this in:
Which does not work.
Can someone please help me with a regexp that just works? I am not
such a whizard with the logcheck regexp format..
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
-----END PGP SIGNATURE-----