Logcheck comes with a ton of regexps for stuff that one would expect to find in one's logs.
How much work would it be to get syslog-ng to put all messages not matching any of the logcheck regexps in a separate log file?
Currently, logcheck is using egrep to scan the logs, and egrep's performance is poor:
Being able to replace the logcheck daemon and just use its regexp database would be nice!
Copyright © 2018, Eklektix, Inc.