+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[1\]: Detected architecture x86-64\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[1\]: Detected virtualization kvm\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[1\]: Reexecuting\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[1\]: Reloading\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[1\]: systemd [[:alnum:].~-]+ running in system mode \(\+PAM \+AUDIT \+SELINUX \+APPARMOR \+IMA \+SMACK \+SECCOMP \+GCRYPT -GNUTLS \+OPENSSL \+ACL \+BLKID \+CURL \+ELFUTILS \+FIDO2 \+IDN2 -IDN \+IPTC \+KMOD \+LIBCRYPTSETUP \+LIBFDISK \+PCRE2 -PWQUALITY \+P11KIT \+QRENCODE \+TPM2 \+BZIP2 \+LZ4 \+XZ \+ZLIB \+ZSTD -BPF_FRAMEWORK -XKBCOMMON \+UTMP \+SYSVINIT default-hierarchy=unified\)$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Activated swap
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Activating swap
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: [[:alnum:]@-]+\.service: Consumed [[:digit:].]+s CPU time\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Created slice User Slice of UID [[:digit:]]+\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Finished .*
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Found device .*$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Journal started$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Journal stopped$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on ACPID Listen Socket\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on D-Bus User Message Bus Socket\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: media-[[:alnum:]]+-[[:alnum:]_\-]+.mount: Succeeded\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Queued start job for default target Main User Target\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Reached target Local File Systems \(Pre\)\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Reached target Network \(Pre\)\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Received SIGTERM from PID 1 \(systemd\)\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Reloaded The Apache HTTP Server\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Reloading The Apache HTTP Server\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Removed slice system-modprobe\.slice\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Starting getty on tty2-tty6 if dbus and logind are not available\.\.\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Starting LVM event activation on device 254:5\.\.\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Starting Rule-based Manager for Device Events and Files\.\.\.$
-^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Startup finished in [[:digit:]]+ms\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Startup finished in [[:digit:].]+m?s \(kernel\) \+ [[:digit:].]+m?s \(userspace\) = [[:digit:].]m?s\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Stopped Daily exim4-base housekeeping\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Stopped Daily man-db regeneration\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Stopped D-Bus User Message Bus\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: user-[[:digit:]]+.slice: Consumed [[:digit:].]+s CPU time\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: user-runtime-dir@[[:digit:]]+.service: Succeeded\.$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd-fsck\[[[:digit:]]+\]: [^[:space:]]+: clean, [[:digit:]]+/[[:digit:]]+ files, [[:digit:]]+/[[:digit:]]+ blocks$
-^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd-udevd\[[[:digit:]]+\]: Using default interface naming scheme 'v247'\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd-journald\[[[:digit:]]+\]: Runtime Journal \(/run/log/journal/[[:xdigit:]]{32}) is [[:digit:].]+M, max [[:digit:].]+M, [[:digit:].]+M free\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd-journald\[[[:digit:]]+\]: System Journal \(/var/log/journal/[[:xdigit:]]{32}) is [[:digit:].]+M, max [[:digit:].]+M, [[:digit:].]+M free\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd-journald\[[[:digit:]]+\]: Time spent on flushing to /var/log/journal/[[:xdigit:]]{32} is [[:digit:].]+ms for [[:digit:]]+ entries\.$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ systemd-udevd\[[[:digit:]]+\]: Using default interface naming scheme 'v[[:digit:]]+'\.$
projects / user / henk / code / puppet / modules / logcheck.git / blobdiff