Re: Logcheck entries

From: David Chin (dwchin@umich.edu)
Date: 12/18/01

Previous message: Zeshan Ghory: "Re: loging user's commands"
In reply to: Steven Clark: "Re: Logcheck entries"
Next in thread: Eric Santonacci: "Re: Logcheck entries"
Next in thread: Don Felgar: "Re: Logcheck entries"
Reply: Eric Santonacci: "Re: Logcheck entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: focus-linux@securityfocus.com
From: David Chin <dwchin@umich.edu>
Date: Tue, 18 Dec 2001 16:40:57 -0500

In message <5.1.0.14.0.20011217233409.00aba218@porky.home.unixkb.org>, Steven C
lark writes:
> [snip]
> Logcheck uses four different files out of the box to
> generate its report.
>
> logcheck.hacking
> logcheck.ignore
> logcheck.violations
> logcheck.violations.ignore
>
> [snip]

Logcheck seems to use simple pattern matching. Or are they really regular
expressions?

--Dave
dwchin@umich.edu

Previous message: Zeshan Ghory: "Re: loging user's commands"
In reply to: Steven Clark: "Re: Logcheck entries"
Next in thread: Eric Santonacci: "Re: Logcheck entries"
Next in thread: Don Felgar: "Re: Logcheck entries"
Reply: Eric Santonacci: "Re: Logcheck entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Logcheck entries
... I'll cover how to customize logcheck just to ... Logcheck uses four different files out of the box to ... generate its report. ... placed in the "Security Violations" section of the report. ...
(Focus-Linux)
Re: Logcheck entries
... If I'm right, LogCheck uses egrep, so it should support Extended Regular ...
(Focus-Linux)