Also /etc/logcheck/violations.ignore.d/logcheck-su. Does not work:
echo 'Mar 14 06:25:09 erode su: (to uucp) root on none' | egrep '^\w{3} [
:0-9]{11} [._[:alnum:]-]+ su: \(to [._[:alnum:]-]+\) [._[:alnum:]-]+ on
pts/[0-9]{1,2}$'
Fixed:
echo 'Mar 14 06:25:09 erode su: (to uucp) root on none' | egrep '^\w{3} [
:0-9]{11} [._[:alnum:]-]+ su: \(to [._[:alnum:]-]+\) [._[:alnum:]-]+ on
(none|pts/[0-9]{1,2})$'
--
ciao,
Marco
signature.asc
Description: PGP signature
