DH_INSTALLLOGCHECK(1) Debhelper DH_INSTALLLOGCHECK(1)NAME
dh_installlogcheck - install logcheck rulefiles into etc/logcheck/
SYNOPSIS
dh_installlogcheck [debhelperoptions]
DESCRIPTION
dh_installlogcheck is a debhelper program that is responsible for installing logcheck rule files.
FILES
debian/package.logcheck.cracking
debian/package.logcheck.violations
debian/package.logcheck.violations.ignore
debian/package.logcheck.ignore.workstation
debian/package.logcheck.ignore.server
debian/package.logcheck.ignore.paranoid
Each of these files, if present, are installed into corresponding subdirectories of etc/logcheck/ in package build directories.
OPTIONS --name=name
Look for files named debian/package.name.logcheck.* and install them into the corresponding subdirectories of etc/logcheck/, but use
the specified name instead of that of the package.
SEE ALSO debhelper(7)
This program is a part of debhelper.
AUTHOR
Jon Middleton <jjm@debian.org>
11.1.6ubuntu2 2018-05-10 DH_INSTALLLOGCHECK(1)
Check Out this Related Man Page
logcheck-test(1) General Commands Manual logcheck-test(1)NAME
logcheck-test - test new logcheck rules easily
SYNOPSIS
logcheck-test [-q|-i] [-a|-s|-l FILE] [-e] [-P PREFIX] [-S SUFFIX] RULE
logcheck-test [-q|-i] [-a|-s|-l FILE] -r RULEFILE
DESCRIPTION
logcheck-test parses a log file for matching lines specified by a single rule or a rule file. If using a single RULE you can set a PREFIX
and a SUFFIX to write new rules easily.
OPTIONS -h, --help
Show usage information
-a, --auth.log
Parse /var/log/auth.log for matching lines
-s, --syslog
Parse /var/log/syslog for matching lines
-l, --log-file FILE
Parse FILE for matching lines
-i, --invert-match
Show line that don't match the RULE or the RULEFILE
-q, --quiet
Suppress rule summary at the end of output
-e, --surround-rule
Surround RULE with standard prefix and suffix:
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ RULE$
-P, --append-prefix PREFIX
Append PREFIX to rule prefix. Option can be given multiple times
-S, --prepend-suffix SUFFIX
Prepend SUFFIX to rule suffix. Option can be given multiple times
-r, --rule-file RULEFILE
Use file RULEFILE for rule input
EXAMPLES
With logcheck-test you can easily write and test new rules.
Test a single rule against /var/log/syslog:
logcheck-test -s "RULE"
Test a single rule against ~/log, surround the rule with standard prefix and suffix and append "kernel " to prefix:
logcheck-test -l ~/log -e -P "kernel " "RULE"
Test the rules in rulefiles/linux/ignore.d.server/kernel against ~/log:
logcheck-test -l ~/log -r rulefiles/linux/ignore.d.server/kernel
Test which lines the rules in rulefiles/linux/ignore.d.server/kernel doesn't match:
logcheck-test -l ~/log -r rulefiles/linux/ignore.d.server/kernel -i
EXIT STATUS
On successful matching logcheck-test will complete with exit code 0. An exit code of 1 indicates no successful matching.
An exit code greater then 1 indicates an error occurred. Textual errors are written to the standard error stream.
SEE ALSO logcheck(8)AUTHOR
logcheck is developed by Debian logcheck Team at alioth: http://alioth.debian.org/projects/logcheck/. This manual was written by Hannes von
Haugwitz <hannes@vonhaugwitz.com>.
Feb 19, 2010 logcheck-test(1)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)