Fix logcheck email issue
This commit is contained in:
parent
4c7c0e052b
commit
12cb7842e7
96
filesystem/common/etc/logcheck/logcheck.conf
Normal file
96
filesystem/common/etc/logcheck/logcheck.conf
Normal file
@ -0,0 +1,96 @@
|
|||||||
|
# The following variable settings are the initial default values,
|
||||||
|
# which can be uncommented and modified to alter logcheck's behaviour
|
||||||
|
|
||||||
|
# Controls the format of date-/time-stamps in subject lines:
|
||||||
|
# Alternatively, set the format to suit your locale
|
||||||
|
|
||||||
|
#DATE="$(date +'%Y-%m-%d %H:%M')"
|
||||||
|
|
||||||
|
# Controls the presence of boilerplate at the top of each message:
|
||||||
|
# Alternatively, set to "0" to disable the introduction.
|
||||||
|
#
|
||||||
|
# If the files /etc/logcheck/header.txt and /etc/logcheck/footer.txt
|
||||||
|
# are present their contents will be read and used as the header and
|
||||||
|
# footer of any generated mails.
|
||||||
|
|
||||||
|
#INTRO=1
|
||||||
|
|
||||||
|
# Controls the level of filtering:
|
||||||
|
# Can be Set to "workstation", "server" or "paranoid" for different
|
||||||
|
# levels of filtering. Defaults to server if not set.
|
||||||
|
|
||||||
|
REPORTLEVEL="server"
|
||||||
|
|
||||||
|
# Controls the address mail goes to:
|
||||||
|
# *NOTE* the script does not set a default value for this variable!
|
||||||
|
# Should be set to an offsite "emailaddress@some.domain.tld"
|
||||||
|
|
||||||
|
SENDMAILTO="root"
|
||||||
|
|
||||||
|
# Send the results as attachment or not.
|
||||||
|
# 0=not as attachment; 1=as attachment; 2=as gzip attachment
|
||||||
|
# Default is 0
|
||||||
|
|
||||||
|
MAILASATTACH=0
|
||||||
|
|
||||||
|
# Should the hostname in the subject of generated mails be fully qualified?
|
||||||
|
|
||||||
|
FQDN=1
|
||||||
|
|
||||||
|
# Controls whether "sort -u" is used on log entries (which will
|
||||||
|
# eliminate duplicates but destroy the original ordering); the
|
||||||
|
# default is to use "sort -k 1,3 -s":
|
||||||
|
# Alternatively, set to "1" to enable unique sorting
|
||||||
|
|
||||||
|
#SORTUNIQ=0
|
||||||
|
|
||||||
|
# Controls whether /etc/logcheck/cracking.ignore.d is scanned for
|
||||||
|
# exceptions to the rules in /etc/logcheck/cracking.d:
|
||||||
|
# Alternatively, set to "1" to enable cracking.ignore support
|
||||||
|
|
||||||
|
#SUPPORT_CRACKING_IGNORE=0
|
||||||
|
|
||||||
|
# Controls the base directory for rules file location
|
||||||
|
# This must be an absolute path
|
||||||
|
|
||||||
|
#RULEDIR="/etc/logcheck"
|
||||||
|
|
||||||
|
# Controls if syslog-summary is run over each section.
|
||||||
|
# Alternatively, set to "1" to enable extra summary.
|
||||||
|
# HINT: syslog-summary needs to be installed.
|
||||||
|
|
||||||
|
#SYSLOGSUMMARY=0
|
||||||
|
|
||||||
|
# Controls Subject: lines on logcheck reports:
|
||||||
|
|
||||||
|
#ATTACKSUBJECT="Security Alerts"
|
||||||
|
#SECURITYSUBJECT="Security Events"
|
||||||
|
#EVENTSSUBJECT="System Events"
|
||||||
|
|
||||||
|
# Controls [logcheck] prefix on Subject: lines
|
||||||
|
|
||||||
|
#ADDTAG="no"
|
||||||
|
|
||||||
|
# Previous versions of logcheck always sent messages in 7bit encoding,
|
||||||
|
# even if that resulted in RFC-violating messages. For example, really
|
||||||
|
# long syslog lines would generate too-long SMTP lines, which are
|
||||||
|
# rejected at least by Debian's default exim configuration. The new
|
||||||
|
# default is to let mime-construct pick an appropriate encoding, but you
|
||||||
|
# can override it by setting the below (to any of the encodings
|
||||||
|
# supported by mime-construct). You may need to do this if you have
|
||||||
|
# tools handling logcheck emails that don't understand MIME encoding.
|
||||||
|
|
||||||
|
#MIMEENCODING=
|
||||||
|
|
||||||
|
# Set a different location for temporary files than /tmp
|
||||||
|
# this is useful if your /tmp is small and you are getting
|
||||||
|
# errors such as:
|
||||||
|
# cp: writing `/tmp/logcheck.y12449/checked': No space left on device
|
||||||
|
# /usr/sbin/logcheck: line 161: cannot create temp file for here document: No space left on device
|
||||||
|
# mail: /tmp/mail.RsXXXXpc2eAx: No space left on device
|
||||||
|
# Null message body; hope that's ok
|
||||||
|
#
|
||||||
|
# If this is happening, likely you will want to change the following to be some other
|
||||||
|
# location, such as /var/tmp
|
||||||
|
|
||||||
|
TMP="/tmp"
|
@ -1,3 +1,3 @@
|
|||||||
address {
|
address {
|
||||||
email-domain {{ domain }};
|
email-domain {{ hostname }}.{{ domain }};
|
||||||
};
|
};
|
||||||
|
@ -5,6 +5,12 @@
|
|||||||
- logrotate
|
- logrotate
|
||||||
|
|
||||||
- name: Configure logcheck
|
- name: Configure logcheck
|
||||||
|
copy:
|
||||||
|
src: ./filesystem/common/etc/logcheck/logcheck.conf
|
||||||
|
dest: /etc/logcheck/logcheck.conf
|
||||||
|
mode: 0640
|
||||||
|
|
||||||
|
- name: Configure logcheck ignores
|
||||||
template:
|
template:
|
||||||
src: ./filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
|
src: ./filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
|
||||||
dest: /etc/logcheck/ignore.d.server/{{ hostname }}
|
dest: /etc/logcheck/ignore.d.server/{{ hostname }}
|
||||||
|
Loading…
Reference in New Issue
Block a user