- No syslog option
- Workaround via logger available
- Issue (2015) with patch (2016) exists
- No severity levels implemented
Those all have level 'notice':
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99 Recommended version: 0.99.2
[...]
ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf
[...]
Can't connect to port 80 of host db.local.clamav.net (IP: XXX.XXX.XXX.XXX)
- Issue (2016) exists
- Single wrong severity
journalalert filter
- identifier: gitlab-runner
  message: '*Build failed: exit status *'
- Unsure what the upstream situation is (only observed on Debian Jessie). In principle the messages could be important in some situations. For us they only appeared on reboot.
journalalert filter
- command: libvirtd
  message: 'stream aborted at client request'
- command: libvirtd
  message: 'internal error: End of file from monitor'
- command: libvirtd
  message: 'error from service: TerminateMachine: No machine *'
- Issue (2015) exists
- Only (re)start affected (stdout piped through logger)
journalalert filter
- unit: mysql
  message: '*[[]Note[]]*'
- unit: mysql
  message: ''
- unit: mysql
  message: 'Version:*'
- apache2 (more to come in 2.6)
- postgresql
- postfix
- systemd
- Issue (2016) exists (closed: fixed)
- Unification and cleanup of syslog log levels.
- Waiting for pam 1.4
- Syslog is default
- Severity levels are silly
- Issue (2016) exists (closed: fixed)
- Probably fixed in OpenSSH 7.3
- ssh(1), sshd(8): Reduce the syslog level of some relatively common protocol events from LOG_CRIT. bz#2585
- sshd(8): Remove obsolete and misleading "POSSIBLE BREAK-IN ATTEMPT!" message when forward and reverse DNS don't match. bz#2585
journalalert filter
- identifier: sshd
  message: 'PAM service(sshd) ignoring max retries*'
- identifier: sshd
  message: 'fatal: Read from socket failed: Connection reset by peer *'
- identifier: sshd
  message: 'fatal: Unable to negotiate a key exchange method *'
- identifier: sshd
  message: 'fatal: no matching cipher found: *'
- identifier: sshd
  message: 'error: Received disconnect from *'
- identifier: sshd
  message: 'warning: can''t get client address: Connection reset by peer'
- identifier: sshd
  message: 'fatal: Write failed: Broken pipe *'
- identifier: sshd
  message: 'fatal: Write failed: Connection reset by peer *'
- identifier: sshd
  message: 'fatal: no hostkey alg *'
- PR (2016) exists (closed: merged)
- Waiting for new release
journalalert filter
- identifier: su
  message: 'No passwd entry for user *'
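Before deploying suppression filters like the ones above, it helps to check which messages they hide and which still raise an alert. The following is an added example, not journalalert's own code: it evaluates a few of the sshd and mysql filter entries from this page against constructed journal entries. The matching rules are assumptions: case-sensitive fnmatch-style globbing for `message`, exact comparison for `identifier` and `command`, and `unit: mysql` also selecting `mysql.service`.

```python
from fnmatch import fnmatchcase

# Filter entries copied from the sshd and mysql lists on this page.
FILTERS = [
    {"identifier": "sshd", "message": "PAM service(sshd) ignoring max retries*"},
    {"identifier": "sshd", "message": "error: Received disconnect from *"},
    {"identifier": "sshd", "message": "fatal: no matching cipher found: *"},
    {"unit": "mysql", "message": "*[[]Note[]]*"},
    {"unit": "mysql", "message": ""},
]

# Assumption: how filter keys map onto journald fields.
FIELDS = {"identifier": "SYSLOG_IDENTIFIER", "command": "_COMM", "unit": "_SYSTEMD_UNIT"}

def entry_matches(entry, flt):
    """True if every key of one filter entry matches the journal entry."""
    for key, wanted in flt.items():
        if key == "message":
            # Assumption: case-sensitive fnmatch globbing; '[[]' is a literal '['.
            if not fnmatchcase(entry.get("MESSAGE", ""), wanted):
                return False
        elif key == "unit":
            # Assumption: 'mysql' also selects 'mysql.service'.
            if entry.get(FIELDS[key]) not in (wanted, wanted + ".service"):
                return False
        elif entry.get(FIELDS[key]) != wanted:
            return False
    return True

def is_suppressed(entry, filters=FILTERS):
    return any(entry_matches(entry, flt) for flt in filters)

# Constructed sample journal entries (addresses are documentation ranges).
SAMPLE = [
    {"SYSLOG_IDENTIFIER": "sshd", "MESSAGE": "error: Received disconnect from 203.0.113.7: 11: Bye Bye [preauth]"},
    {"SYSLOG_IDENTIFIER": "sshd", "MESSAGE": "error: maximum authentication attempts exceeded for root from 203.0.113.7 port 4242 ssh2 [preauth]"},
    {"SYSLOG_IDENTIFIER": "sudo", "MESSAGE": "error: Received disconnect from 203.0.113.7: 11: Bye Bye"},
    {"_SYSTEMD_UNIT": "mysql.service", "MESSAGE": "160801 10:00:00 [Note] Server socket created on IP: '0.0.0.0'."},
    {"_SYSTEMD_UNIT": "mysql.service", "MESSAGE": "160801 10:00:01 [ERROR] Can't start server: Bind on TCP/IP port"},
    {"_SYSTEMD_UNIT": "mysql.service", "MESSAGE": ""},
]

def still_alerting(entries=SAMPLE):
    """Messages that no filter suppresses and that would still alert."""
    return [e["MESSAGE"] for e in entries if not is_suppressed(e)]

if __name__ == "__main__":
    for msg in still_alerting():
        print("ALERT:", msg)
```

Note that `error: Received disconnect from *` also hides disconnects that follow failed authentication, so repeated-failure detection has to rely on other messages, such as the "maximum authentication attempts exceeded" line that still alerts here.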