Ubuntu
logcheck package

logcheck-database: wpa_supplicant rules missing (rules included)

Bug #1325349 reported by Michael Neuffer
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
logcheck (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

please add the following rules:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wpa_supplicant\[[0-9]+\]: wlan[0-9]: CTRL-EVENT-SCAN-STARTED$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wpa_supplicant\[[0-9]+\]: wlan[0-9]: WPA: Group rekeying completed with ([0-9a-f]{2}:){5}[0-9a-f]{2} \[GTK=(CCMP|TKIP)\]$

ProblemType: Bug
DistroRelease: Ubuntu 14.10
Package: logcheck-database 1.3.16
ProcVersionSignature: Ubuntu 3.15.0-4.9-generic 3.15.0-rc7
Uname: Linux 3.15.0-4-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.14.3-0ubuntu1
Architecture: amd64
CurrentDesktop: XFCE
Date: Sun Jun 1 12:39:39 2014
Dependencies:

InstallationDate: Installed on 2014-05-30 (2 days ago)
InstallationMedia: Xubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.2)
PackageArchitecture: all
SourcePackage: logcheck
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.logcheck.cracking.d.kernel: [deleted]
modified.conffile..etc.logcheck.cracking.d.rlogind: [deleted]
modified.conffile..etc.logcheck.cracking.d.rsh: [deleted]
modified.conffile..etc.logcheck.cracking.d.smartd: [deleted]
modified.conffile..etc.logcheck.cracking.d.tftpd: [deleted]
modified.conffile..etc.logcheck.cracking.d.uucico: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.bind: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.cron: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.incron: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.logcheck: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.postfix: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.ppp: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.pureftp: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.qpopper: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.squid: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.ssh: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.stunnel: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.sysklogd: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.telnetd: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.tripwire: [deleted]
modified.conffile..etc.logcheck.ignore.d.paranoid.usb: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.acpid: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.amandad: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.amavisd.new: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.anacron: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.anon.proxy: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.apache: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.apcupsd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.arpwatch: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.asterisk: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.automount: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.bind: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.bluez.utils: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.courier: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cpqarrayd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cpufreqd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cron: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cron.apt: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cups.lpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cvs.pserver: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cvsd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.cyrus: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dcc: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ddclient: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dhclient: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dhcp: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dictd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dkfilter: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dkim.filter: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dnsmasq: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dovecot: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dropbear: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.dspam: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.epmd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.exim4: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.fcron: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.git.daemon: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.gnu.imap4d: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.gps: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.grinch: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.horde3: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.hplip: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.hylafax: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ikiwiki: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.imap: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.imapproxy: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.imp: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.imp4: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.innd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ipppd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.isdnlog: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.isdnutils: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.jabberd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.kernel: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.klogind: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.krb5.kdc: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.libpam.krb5: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.libpam.mount: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.logcheck: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.login: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.maradns: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.mldonkey.server: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.mon: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.mountd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.nagios: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.netconsole: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.nfs: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.nntpcache: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.nscd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.nslcd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.openvpn: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.otrs: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.passwd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.pdns: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.perdition: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.policyd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.popa3d: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.postfix: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.postfix.policyd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ppp: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.pptpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.procmail: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.proftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.pure.ftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.pureftp: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.qpopper: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.rbldnsd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.rpc.statd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.rsnapshot: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.rsync: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.sa.exim: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.samba: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.saned: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.sasl2.bin: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.saslauthd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.schroot: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.scponly: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.slapd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.smartd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.smbd.audit: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.smokeping: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.snmpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.snort: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.spamc: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.spamd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.squid: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ssh: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.stunnel: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.su: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.sudo: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.sympa: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.syslogd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.teapop: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.telnetd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.tftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.thy: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.ucd.snmp: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.upsd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.uptimed: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.userv: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.vsftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.watchdog: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.wu.ftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.server.xinetd: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.automount: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.bind: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.bluetooth.alsa: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.bluez.utils: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.bonobo: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.dhcpcd: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.francine: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.gconf: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.gdm: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.hald: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.hcid: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.ifplugd: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.ippl: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.kdm: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.kernel: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.laptop.mode.tools: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.libmtp.runtime: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.libpam.gnome.keyring: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.logcheck: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.login: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.net.acct: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.nntpcache: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.polypaudio: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.postfix: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.ppp: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.proftpd: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.pump: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.sendfile: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.slim: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.squid: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.udev: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.wdm: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.winbind: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.wpasupplicant: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.xdm: [deleted]
modified.conffile..etc.logcheck.ignore.d.workstation.xlockmore: [deleted]
modified.conffile..etc.logcheck.violations.d.kernel: [deleted]
modified.conffile..etc.logcheck.violations.d.logcheck: [deleted]
modified.conffile..etc.logcheck.violations.d.smartd: [deleted]
modified.conffile..etc.logcheck.violations.d.su: [deleted]
modified.conffile..etc.logcheck.violations.d.sudo: [deleted]
modified.conffile..etc.logcheck.violations.ignore.d.logcheck.su: [deleted]
modified.conffile..etc.logcheck.violations.ignore.d.logcheck.sudo: [deleted]

Related branches

lp:debian/logcheck
Revision history for this message
Michael Neuffer (neuffer) wrote :
Revision history for this message
Robie Basak (racb) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

I see that logcheck currently has no delta against Debian. Please could you check to see if this patch is also relevant to Debian, and if so, file a bug in Debian if there isn't one there already?

Changed in logcheck (Ubuntu):
importance: Undecided → Wishlist
tags: added: needs-upstream-report
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package logcheck - 1.3.17

---------------
logcheck (1.3.17) unstable; urgency=low

  [ Hannes von Haugwitz ]
  * debian/control:
    - dropped obsolete Replaces fields
    - removed 'deprecated' notice from logtail's short description
    - bumped to Standards-Version 3.9.6 (no changes necessary)
  * Migrated to dh7 style debian/rules file
  * debian/compat:
    - bumped to dh compatibility level 9
    - updated copyright year to 2014
  * debian/README.backports: removed (obsolete)
  * src/logcheck:
    - changed '#!/bin/bash' to '#!/usr/bin/env bash'
    - use '/run/lock/logcheck' instead of '/var/lock/logcheck'
    - set VERSION to the current version, thanks to Pascal Wittmann
  * ignore.d.workstation/wpasupplicant:
    - adjusted 'Group rekeying' rule and ignore 'CTRL-EVENT-SCAN-STARTED'
      message (LP: #1325349)
  * ignore.d.server/dhcp:
    - adjust rule to match new URL (closes: #744205)
  * debian/copyright:
    - removed obsolete 'fork' notice
  * docs/README.Maintainer:
    - fixed typo (closes: #764336)
  * ignore.d.server/ssh:
    - match key fingerprint when using key exchange auth (closes: #743000)
  * ignore.d.server/dkim-filter: removed
    - package has been removed from debian

  [ Alberto Gonzalez Iniesta ]
  * ignore.d.workstation/kernel:
    - fixed reworded "Caching mode page" message, thanks to Hagen Fuchs for
      the patch (closes: #743378)

 -- Hannes von Haugwitz <email address hidden> Fri, 24 Oct 2014 23:54:14 +0200

Changed in logcheck (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.