From 4abe47e04766b697887748d8b523694b8c0901b3 Mon Sep 17 00:00:00 2001 From: Hendrik Jaeger Date: Sun, 26 May 2019 11:04:19 +0200 Subject: Update logcheck rules for dovecot --- files/etc/logcheck/ignore.d.server/local-dovecot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'files') diff --git a/files/etc/logcheck/ignore.d.server/local-dovecot b/files/etc/logcheck/ignore.d.server/local-dovecot index a615984..ff7edda 100644 --- a/files/etc/logcheck/ignore.d.server/local-dovecot +++ b/files/etc/logcheck/ignore.d.server/local-dovecot @@ -4,7 +4,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Connection closed \([[:alpha:] ]+ finished [[:digit:].]+ secs ago\) in=[[:digit:]]+ out=[[:digit:]]+( deleted=[[:digit:]]+ expunged=[[:digit:]]+ trashed=[[:digit:]]+ hdr_count=[[:digit:]]+ hdr_bytes=[[:digit:]]+ body_count=[[:digit:]]+ body_bytes=[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Connection closed(: Connection reset by peer)?( bytes=[[:digit:]]+/[[:digit:]]+| in=[[:digit:]]+ out=[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Connection closed \(No commands sent\) in=[[:digit:]]+ out=[[:digit:]]+( deleted=[[:digit:]]+ expunged=[[:digit:]]+ trashed=[[:digit:]]+ hdr_count=[[:digit:]]+ hdr_bytes=[[:digit:]]+ body_count=[[:digit:]]+ body_bytes=[[:digit:]]+)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Connection closed \((UID FETCH|IDLE) running for [[:digit:].]+ \+ waiting input for [[:digit:].]+ secs,( [[:digit:].]+ in locks,)? [[:digit:]]+ B in \+ [[:digit:]]+(\+[[:digit:]]+)? B out, state=wait-input\) in=[[:digit:]]+ out=[[:digit:]]+( deleted=[[:digit:]]+ expunged=[[:digit:]]+ trashed=[[:digit:]]+ hdr_count=[[:digit:]]+ hdr_bytes=[[:digit:]]+ body_count=[[:digit:]]+ body_bytes=[[:digit:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Connection closed(: read\(size=[[:digit:]]+\) failed: Connection reset by peer)? \((UID FETCH|IDLE) running for [[:digit:].]+ \+ waiting input for [[:digit:].]+ secs,( [[:digit:].]+ in locks,)? [[:digit:]]+ B in \+ [[:digit:]]+(\+[[:digit:]]+)? B out, state=wait-input\) in=[[:digit:]]+ out=[[:digit:]]+( deleted=[[:digit:]]+ expunged=[[:digit:]]+ trashed=[[:digit:]]+ hdr_count=[[:digit:]]+ hdr_bytes=[[:digit:]]+ body_count=[[:digit:]]+ body_bytes=[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Disconnected(: Logged out| for inactivity|: Disconnected| in [[:upper:]]+|: Too many invalid IMAP commands\.)?( in IDLE)? in=[[:digit:]]+ out=[[:digit:]]+( deleted=[[:digit:]]+ expunged=[[:digit:]]+ trashed=[[:digit:]]+ hdr_count=[[:digit:]]+ hdr_bytes=[[:digit:]]+ body_count=[[:digit:]]+ body_bytes=[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: imap\([-_.@[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: Logged out in=[[:digit:]]+ out=[[:digit:]]+( deleted=[[:digit:]]+ expunged=[[:digit:]]+ trashed=[[:digit:]]+ hdr_count=[[:digit:]]+ hdr_bytes=[[:digit:]]+ body_count=[[:digit:]]+ body_bytes=[[:digit:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: lda\([[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: msgid=([[:alnum:]":<>{}@?=+/.,_!&\$%#~-]+( \(added by.*postmaster@[[:alnum:].-]+\))?|unspecified): saved mail to [[:alnum:]/._-]+$ -- cgit v1.2.3