logcheck — various filters


As mentioned earlier, I have a few of these logcheck filters I have created over the past few years. I use Debian and CentOS so other distros may not perfectly match.

These work in conjunction with the default filters, hence their naming scheme of local_<service>.

Dovecot
login, logout, mysql connections, lda delivery, ssl regen

  local_dovecot (1.5 KiB, 2,037 hits)

Managesieve (part of Dovecot)
login, logout

  local_managesieve (320 bytes, 1,996 hits)

OpenVPN
login related

  local_openvpn (506 bytes, 1,987 hits)

PostFWD
statistic log lines: dnsbl, rules, stats, cache, rate

  local_postfwd (104 bytes, 1,974 hits)

ProFTPd mod_ban (optional module)
obtained, detached, removed, showing ban list

  local_proftpd-banlog (230 bytes, 1,804 hits)

rSYSlog
start, exit, reload/hup, mark

  local_rsyslog (954 bytes, 1,952 hits)

OpenSSH
closed user request, closed preauth 127.0.0.1

  local_ssh (255 bytes, 2,023 hits)

swapspace
allocating, retiring, adding (kernel)

  local_swapspace (324 bytes, 1,967 hits)

Leave a Reply

You may leave the Name and Email fields blank to post anonymously.