Package: logcheck-database
Version: 1.4.2+deb12u1
Severity: normal
Dear Maintainer,
I ran this Bash command in /etc/logcheck/ignore.d.server/ directory:
for f in *
do
echo $f================
while read line
do
grep -E "$line" /dev/null 2>&1
[[ "$?" = 2 ]] && echo $line
done < $f
done
The grep complained about more than hundred of regular expressions. Sample:
courier================
grep: Unmatched [, [^, [:, [., or [=
^(w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ ((imap|pop3)(login|d-ssl)|cou
riertcpd): (LOGOUT|TIMEOUT|DISCONNECTED), ip=[[.:[:alnum:]]+](, port=[[[:digit:]
]+])?, headers=[[:digit:]]+, body=[[:digit:]]+$
cron-apt================
grep: Invalid range end
^(w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ cron-apt: CRON-APT RUN
[[-[:alnum:]/]+]: w{3} w{3} [ [:digit:]]+ [:[:digit:]]{8} w{3,4} [[:digit:]]{4}$
grep: Unmatched [, [^, [:, [., or [=
smartd================
grep: Unmatched ( or \(
^(w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ smartd[[[:digit:]]+]:
Device: /dev/[^[:space:]]+( [[_/[:alnum:][:space:]]+])?( [SAT])?, Temperature
changed (-|+)?[1-3]+ Celsius to ([0-4]?[[:digit:]]|5[0-4]) Celsius since last
report$
ssh================
grep: Invalid character class name
^(w{3} [ :[:digit:]]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ sshd[[[:digit:]]+]:
reverse mapping checking getaddrinfo for [._[:alnum:]-]+ ([[:.[:xdigit:]]+]
)?failed - POSSIBLE BREAK-?IN ATTEMPT!$
sympa================
grep: Invalid collation character
^(w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ wwsympa[[0-9]+]: [robot
[._[:alnum:]-]+] [client [0-9.]{7,15}] [user [^[:space:]]+] do_home$
IMHO it would be useful to examine the reported lines.
Gabor
-- System Information:
Debian Release: 12.11
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
-- no debconf information
