filter-syslog Change History

1.20 (2007-04-13)

Remove trailing whitespace from syslog lines before matching them against regexes.

Lines changed: +16 -11

1.19 (2006-04-29)

Refactor the code to try a list of regexes when parsing syslog lines, and with that new structure deal with OpenBSD forwarded syslog messages. Do some appropriate reformatting of them if reporting them.

Broaden the special case for Linux syslogd startup messages slightly to catch some additional variations.

Lines changed: +44 -12

1.18 (2004-11-04)

Change the name of the file handle used for parsing configuration files and localize it so that recursive invocations to handle include directives don't clobber the parent file handles.

Lines changed: +6 -4

1.17 (2004-08-24)

Support including other config files or directories of config files in the config file. Search /etc and /etc/leland in that order for config files rather than just /etc/leland (in preparation for a Debian package). Look for a default config file named filter-syslog.conf if none is specified. Search for sendmail in /usr/sbin/sendmail and /usr/lib/sendmail rather than hard-coding the latter. Update to my current code for -v.

Lines changed: +94 -31

1.16 (2004-04-16)

Don't fully-qualify configuration file paths that start with "./".

Lines changed: +2 -2

1.15 (2004-04-02)

Fix a syntax error in the last change.

Lines changed: +2 -2

1.14 (2004-04-02)

Ignore some additional syslog restart patterns. Don't strip out duplicate program name prefixes to the log messages, since it just makes it harder to develop ignore rules.

Lines changed: +7 -5

1.13 (2003-09-12)

Ignore the Linux syslogd restart messages, which don't follow a standard format. Document that, as well as our skipping of -- MARK -- lines, and be clearer in the documentation that this is not a security tool. Document as a bug the imprecision of the regex that skips -- MARK -- lines.

Lines changed: +37 -5

1.12 (2003-04-14)

Change AUTHOR to AUTHORS now that there's more than one name listed.

Lines changed: +2 -2

1.11 (2003-04-14)

Add support for optionally including the hostname of the syslog line in the mailed output (for when syslogs from multiple hosts are being filtered at once). Patch from Steve Benson.

Lines changed: +16 -7

1.10 (2003-04-04)

Support a -n option to not send mail.

Lines changed: +30 -16

1.9 (2002-08-24)

Add a SEE ALSO section and note that the /etc/leland default can be changed by editing the beginning of the script.

Lines changed: +10 -2

1.8 (2002-05-16)

Filter out mark notices earlier.

Lines changed: +5 -5

1.7 (2002-05-10)

added documentation about hostnames in config files.

Lines changed: +3 -2

1.6 (2002-05-10)

Added the ability to substitute hostname into the reports.

Lines changed: +3 -1

1.5 (2002-05-10)

Ignore -- MARK -- lines.

Lines changed: +5 -1

1.4 (2002-04-20)

Add a note that relative config paths are relative to /etc/leland to the DESCRIPTION as well.

Lines changed: +4 -1

1.3 (2002-04-20)

Fix the owner of the copyright in the documentation.

Lines changed: +2 -2

1.2 (2002-04-20)

Add documentation and -h and -v options.

Lines changed: +151 -1

1.1 (2002-04-20)

Initial version.