From owner-FreeBSD-users-jp@jp.freebsd.org  Thu Apr  6 13:53:29 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id NAA28265;
	Thu, 6 Apr 2000 13:53:29 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from asky.kyoto-inet.or.jp (asky.picky.or.jp [202.245.159.17])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id NAA28258
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 6 Apr 2000 13:53:28 +0900 (JST)
	(envelope-from yab@astem.or.jp)
Received: from astemgw.astem.or.jp (astemgw.astem.or.jp [133.18.80.1])
	by asky.kyoto-inet.or.jp (8.9.3/3.7W-19990128) with ESMTP id NAA05641
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 6 Apr 2000 13:50:31 +0900
Received: from astemfs.astem.or.jp (astemfs.astem.or.jp [133.18.80.2])
	by astemgw.astem.or.jp (8.9.3/3.7W-19991121) with ESMTP id NAA21361
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 6 Apr 2000 13:53:18 +0900 (JST)
Received: from astem.or.jp (astemfs.astem.or.jp [133.18.80.2])
	by astemfs.astem.or.jp (8.9.3/3.7W-20000301) with ESMTP id NAA10843;
	Thu, 6 Apr 2000 13:53:17 +0900 (JST)
Message-Id: <200004060453.NAA10843@astemfs.astem.or.jp>
To: FreeBSD-users-jp@jp.freebsd.org
In-reply-to: Your message of "Wed, 05 Apr 2000 17:02:37 JST."
             <4.0.1-J.20000405163946.00e211f0@mailsrv.churyo.co.jp> 
Mime-Version: 1.0 (generated by tm-edit 7.92)
Content-Type: text/plain; charset=ISO-2022-JP
Date: Thu, 06 Apr 2000 13:53:17 +0900
From: Kenji Yabuuchi <yab@astem.or.jp>
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 51038
Subject: [FreeBSD-users-jp 51038] Re: logsurfer error in match_not_regex of rule 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: yab@astem.or.jp

  $BLyFb!w5~ET9bEY5;=Q8&5f=j$H?=$7$^$9!#(B

  $B>/$J$/$H$b(B1.41$B$K$O%P%0$,$"$j(B -p $B$OF0$-$^$;$s!#:n<T$KJs9p$7$?$1(B
$B$I%J%7$N$D$V$F$G$7$?(B($B$b$&!"0lG/0J>eA0$G$9$,(B)$B!#(B1.41$B$N>l9g$O0J2<$N(B
$B%Q%C%A$GD>$j$^$9!#(B

*** readcf.c.orig	Fri Feb 16 22:45:31 1996
--- readcf.c	Mon Jan 11 20:43:49 1999
***************
*** 119,124 ****
--- 119,125 ----
  		return(1);
  	}
  	cfline[0] = '\0';
+ 	buffer[0] = '\0';
  
  	while ( (input_line=readline(infile, &buffer, &buf_size, &buf_pos)) != NULL ) {
  		/* we got a new line from the config-file */


---

>>>>> On Wed, 05 Apr 2000 17:02:37 +0900, y-furukawa@churyo.co.jp (Furukawa Yoshihiro) said:

|> $B8E@n$H?=$7$^$9!#(B
|> logsurfer$B$r%$%s%9%H!<%k$7!"$H$j$"$($:%3%^%s%I%i%$%s$+$i(B
|> $B5/F0$7$h$&$H$7$?$H$3$m0J2<$N>u67$H$J$j5/F0$G$-$^$;$s$G$7$?!#(B
|> $B860x$,J,$+$i$::$$C$F$$$^$9!#$I$J$?$+BP:vJ}K!$r$4B8$8$NJ}65<x(B
|> $BD:$1$l$P9,$$$G$9!#(B

|> $B!c>u67!d(B
|> $B!!#1(B. $B%3%^%s%I%i%$%s$+$i(B
|> $B!!!!!!!!(Blogsurfer -c /usr/local/etc/logsurfer.conf \
|> $B!!(B  $B!!!!(B -p logsurfer.pid -f /var/log/messages &
|> $B!!!!!!$H%?%$%W$9$k$H!"$9$0$K(B
|> $B!!!!!!!!(B[1] 39575
|> $B!!!!!!!!(Bfuru@hoge[662]~ % error in match_not_regex of rule: 39575
|> $B!!!!!!!!(Bconfig error arround line 2: 39575

|> $B!!!!!!!!(B[1]    4$B$G=*N;$7$^$7$?(B logsurfer -c /etc/logsurfer.conf
|> $B!!!!!!!!!!(B-p logsurfer.pid -f$B!!(B/var/log/messages
|> $B!!!!!!$HI=<($5$l$k!#$?$@$7!"(Blogsurfer.pid$B$O:n$i$l$F$*$j!"(Bpid$B$,F~$C$F$$$k!#(B

|> $B!!#2(B. $B%3%^%s%I%i%$%s$+$i(B
|> $B!!!!!!!!(Blogsurfer -c /usr/local/etc/logsurfer.conf \
|> $B!!(B  $B!!!!(B -f /var/log/messages &
|> $B!!!!!!$H%?%$%W$9$k$H!"%(%i!<$OH/@8$7$J$$!#(B

|> $B!!(B
|> $B!c%$%s%9%H!<%kJ}K!!d(B
|> logsurfer-1.5.tar$B$rF~<j$7!"%k!<%H$GE83+8e!"(B
|> $B!!!!(Bconfigure;make all
|> $B$G%$%s%9%H!<%k(B

|> $B!c%7%9%F%`!d(B
|> $B!!(BOS:FreeBSD 3.2
|> $B!!%a%b%j!'(B64MByte
|> $B!!(BHDD$B!'(B6.4GByte

|> $B!c(Blogsurfer.conf$B$NFbMF!J%3%a%s%H0J30!K!d(B

|> 'last message repeated' - - - 0 ignore
|> ' xntpd\[[0-9]*\]: Previous time adjustment didn.t complete' - - - 0 ignore
|> ' xntpd\[[0-9]*\]: time reset ' - - - 0 ignore
|> ' xntpd\[[0-9]*\]: ... No more .Prev time adj didn.t complete' - - - 0 ignore
|> ' xntpd\[[0-9]*\]: (xntpd version|tickadj|precision) *=' - - - 0 ignore
|> ' ([^ ]*) xntpd\[([0-9]*)\]: synchronisation lost' - - - 0 CONTINUE
|> 	open " $2 xntpd\\[$3\\]:" - 100 3600 0
|> 	pipe "/usr/lib/sendmail root"
|> ' ([^ ]*) xntpd\[([0-9]*)\]: synchronisation lost' - - - 0
|> 	rule before 
|> 	" ($2) xntpd\\[($3)\\]: synchronized to" - " ($2) xntpd\\[($3)\\]: synchron
|> ized to" - 3600
|> 	delete " $2 xntpd\\[$3\\]:"
|> ' xntpd\[[0-9]*\]: synchronized to' - - - 0 ignore
|> ' ([^ ]*) xntpd\[([0-9]*)\]:' - - - 0
|> 	pipe "/usr/lib/sendmail root"
|> 'kernel:' - - - 0 open 'kernel:' - 1000 10 0 report "/usr/sbin/sendmail root
|> " "kernal:"
|> 'named\[([0-9]*)\]: starting.' - - - 0
|> 	open "named\\[$2\\]" - 1000 10 0 report "/usr/sbin/sendmail root" "named\\[
|> $2\\]"
|> 'file system full' - - - 0 pipe "/usr/sbin/sendmail root"
|> 'authsrv .*AUTHENTICATE' - - - 0 pipe "/usr/sbin/sendmail root"
|> 'deny' - - - 0 pipe "/usr/sbin/sendmail root"

|> $B0J>e!"$h$m$7$/$*4j$$$$$?$7$^$9!#(B

|> ----------
|> $B!!8E@n!!9d7<(B
---
($B:b(B)$B5~ET9bEY5;=Q8&5f=j(B	$BLyFb7rFs(B (Yabuuchi Kenji)
			yab@astem.or.jp
