On Mon, Feb 16, 2004 at 09:31:11PM +1000, Peter A. Cole wrote: > In fact logcheck didn't even send an email a minute ago when I check, which > is how I want except for reboots and unexpected events.
Just a thought - if you don't get any messages how do you know that your machine hasn't been compromised and logcheck disabled? Maybe make use of syslogd's MARK. (It's ignored in one of the default files). > For my own curiosity, I'll have a look at the grep man pages and see if I > can't understand what's going on a bit better for myself. Something I thew together quickly after I first set up logcheck was a Perl script to let me use perl regular expressions which are a lot more powerful. Also instead of [0-9] you can use \d. This was my main reason for writing it as I had at least 50 perl specific regex features without realising that they wouldn't work. Oh the pain... http://netsoc.tcd.ie/~bbrazil/perlgrep This is specific to logcheck. Only tested with Woody. Brian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
