Tag Archives: logcheck

logcheck — various filters

As mentioned earlier, I have a few of these logcheck filters I have created over the past few years. I use Debian and CentOS so other distros may not perfectly match.

These work in conjunction with the default filters, hence their naming scheme of local_<service>.

login, logout, mysql connections, lda delivery, ssl regen

  local_dovecot (1.5 KiB, 1,960 hits)

Managesieve (part of Dovecot)
login, logout

  local_managesieve (320 bytes, 1,931 hits)

login related

  local_openvpn (506 bytes, 1,919 hits)

statistic log lines: dnsbl, rules, stats, cache, rate

  local_postfwd (104 bytes, 1,826 hits)

ProFTPd mod_ban (optional module)
obtained, detached, removed, showing ban list

  local_proftpd-banlog (230 bytes, 1,735 hits)

start, exit, reload/hup, mark

  local_rsyslog (954 bytes, 1,799 hits)

closed user request, closed preauth

  local_ssh (255 bytes, 1,956 hits)

allocating, retiring, adding (kernel)

  local_swapspace (324 bytes, 1,895 hits)

logcheck — amavisd-new filter

Posted on .

Tested using Debian 7 Wheezy. To be added to /etc/logcheck/ignore.d.server/

With javascript enabled, the above regex block has a toolbar with a copy-to-clipboard button.

I have quite a few of these custom filters, I’ll post some more at another time.