logcheck 1.3.14 source package in Ubuntu


logcheck (1.3.14) unstable; urgency=low

  [ martin f. krafft ]
  * ignore.d.server/postfix:
    - ignore notice about verified TLS connections.
  * ignore.d.server/openvpn:
    - broaden filters to catch more messages.

  [ Hanspeter Kunz ]
  * ignore.d.server/dovecot:
    - allow for arbitrary msgids
    - ignore discarded vacation replies with precedence Bulk and list
    - ignore notice about managesieve logouts (closes: #637918)
  * ignore.d.server/postfix:
    - ignore (temporary) rejects messages when the sender domain is not found
    - ignore verify cache db cleanups

  [ Hannes von Haugwitz ]
  * src/logcheck:
    - added numeric timezone information to subject line
    - re-enabled globbing of logfile names (closes: #616103)
  * docs/README.logcheck-database:
    - mention logcheck-test in 'TESTING RULES' section
  * ignore.d.workstation/wpasupplicant:
    - match 5200, 5300, 5260 and 5680 MHz in 'Trying to associate' message
    - allow WPA protocol in 'wpa_action: key_mgmt' message
    - ignore "mode=station" message
    - ignore "Trying to authenticate" message
    - allow '/run/sendsigs.omit.d' as location for pidfile (closes: #633030)
  * ignore.d.server/login:
    - adjusted rule to match serial terminals
  * ignore.d.workstation/kernel:
    - ignore "Spinning up disk" message
    - ignore 'cfg80211: Calling CRDA for country' message
    - ignore 'Monitor-Mwait' messages
    - ignore WLAN 'waiting for beacon' and 'beacon received' messages
    - allow 'device number' in '(new|reset) (low|full|high) speed USB' and
      'USB disconnect' messages
  * ignore.d.server/cron-apt:
    - allow optional whitespace between value and unit, thanks to
      Gabor Kiss (closes: #609649)
    - allow optional architecture in "Get" message
  * ignore.d.server/dnsmasq:
    - allow '-' in interface name, thanks to Jan Evert van Grootheest
      (closes: #608256)
  * src/logcheck, etc/logcheck.conf:
    - added option to compress attachment with gzip
  * ignore.d.server/snmpd:
    - adjusted UDP rule to match new SNMP output format, thanks to
      Robert Naylor (closes: #613124)
  * docs/logcheck-test.1:
    - use 'logcheck-test' instead of 'logcheck' in the EXAMPLES
  * ignore.d.workstation/libpam-gnome-keyring:
    - adjusted rule to match messages without quotes (closes: #618411)
  * ignore.d.server/dhclient:
    - allow '-' in interface name (closes: #622942)
  * ignore.d.server/spamd:
    - adjusted 'child cleanup' rule to match new format, thanks to Enno Gröper
      (closes: #632471)
  * src/logcheck-test:
    - allow symbolic link as rule file
  * ignore.d.workstation/xlockmore:
    - applied patch by Libor Polčák: ignore local display
  * logcheck-database.preinst:
    - deleting ignore.d.server/webmin, package has been removed from debian
  * ignore.d.server/kernel:
    - ignore "kvm: emulating exchange as write" message
    - allow optional ". Opts: (null)" at the end of "mounted filesystem with
      (writeback|ordered) data mode" message
  * ignore.d.server/amavisd-new:
    - allow quarantine in "Passed SPAM" log line
    - allow subdirectories for quarantine messages and made Message-ID in
      "Passed BAD-HEADER" log lines optional, thanks to John Clements
    - allow compressed quarantine messages (closes: #639839)
  * debian/rules:
    - added build-indep and build-arch targets
  * debian/control:
    - bumped to Standards-Version 3.9.2 (no changes necessary)

  [ Gerfried Fuchs ]
  * Remove myself from uploaders.

  [ Jeremy L. Gaddis ]
  * ignore.d.server/postfix:
    - adjust postfix certificate fingerprint rule to match new output
      format, thanks to Loïc Minier (closes: #616616)
  * ignore.d.server/amavisd-new:
    - adjusted rule to match new output format, thanks to Adrian Lang
      (closes: #624197)
  * ignore.d.server/ssh:
    - add rule to ignore AllowGroups denial, thanks to Gerald Turner
      (closes: #637923)
  * ignore.d.server/dovecot:
    - adjusted rule to match IPv6 addresses, thanks to Gerald Turner
      (closes: #637916)
  * debian/copyright:
    - updated copyright year to 2011
    - added myself as team member

  [ Frédéric Brière ]
  * violations.d/kernel:
    - ignore whitespace before timestamp
  * ignore.d.workstation/kernel:
    - allow '.' in input device name
 -- Lo?c Minier <email address hidden>   Mon,  03 Oct 2011 23:51:48 +0000

Upload details

Uploaded by:
Loïc Minier on 2011-10-03
Uploaded to:
Original maintainer:
Debian logcheck Team
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise release on 2011-10-13 main admin


Oneiric: [FULLYBUILT] i386


File Size SHA-256 Checksum
logcheck_1.3.14.tar.gz 157.7 KiB aba50525b075e6b3446e18ff70b85d0704c82bcf80a5e21e4a5d2c27c555f6b0
logcheck_1.3.14.dsc 1.7 KiB 47f6389fb894a7d80adc6023c08d66aefc833f156ed70e4e9a5ccb7c735f713e

Available diffs

View changes file

Binary packages built by this source

logcheck: mails anomalies in the system logfiles to the administrator

 Logcheck helps spot problems and security violations in your logfiles
 automatically and will send the results to you in e-mail.
 Logcheck was part of the Abacus Project of security tools, but this
 version has been rewritten.

logcheck-database: database of system log rules for the use of log checkers

 This database is part of the Logcheck package, but might be used by others.
 It brings a database of regular expressions for matching system log entries
 after various criteria.

logtail: Print log file lines that have not been read (deprecated)

 This program will read in a standard text file and create an
 offset marker when it reads the end. The offset marker is read
 the next time logtail is run and the text file pointer is moved
 to the offset location. This allows logtail to read in the next
 lines of data following the marker. This is good for marking log
 files for automatic log file checkers to monitor system events.
 The package also provides logtail2, which better deals with rotated log
 files: If logtail2 finds that the inode of the file was changed, it assumes
 that the log has been rotated, and tries to find the file it was rotated to
 using heuristic plugins. If it finds the file, it will print the remainder of
 the file starting at the offset saved to the offset file. If a file with the
 correct inode was not found, logtail2 will only print the new file in its
 entirety before writing a new offset file.