Skip to content

fabi125/logcheck-rules

 
 

Repository files navigation

logcheck-rules

My personal set of additional logcheck rules.

This is designed as an overlay to /etc/logcheck/ignore.d.server on Debian.

To add the overlay (might overwrite existing files!):

git clone -n https://github.com/fabi125/logcheck-rules.git /tmp/logcheck
mv /tmp/logcheck/.git/ /etc/logcheck/ignore.d.server/
cd /etc/logcheck/ignore.d.server/
git reset HEAD
git checkout-index -af
rmdir /tmp/logcheck

To show all lines matching a rule file (those lines will be ignored by logcheck):

egrep -f rules /var/log/syslog

To show all lines not matching a rule file (those lines will be send via mail):

egrep -v -f rules /var/log/syslog

About

My personal set of additional logcheck rules

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published