Created
September 15, 2025 16:42
-
-
Save simonLeary42/14ed857d94c5d1ce84ffa227f62d1aa0 to your computer and use it in GitHub Desktop.
Revisions
-
simonLeary42 revised this gist
Sep 15, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ * default * there are no include rules * exclude rules are in one of `ignore.d.workstation`, `ignore.d.server`, or `ignore.d.paranoid` * exclude rule directory is based on "report level" in `logcheck.conf` * subject line option in `logcheck.conf` is `EVENTSUBJECT` * security/violations -
Sep 15, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,15 @@ 3 layers: * default * there are no include rules * exclude rules is one of `ignore.d.workstation`, `ignore.d.server`, `ignore.d.paranoid` * exclude rule directory is based on "report level" in `logcheck.conf` * subject line option in `logcheck.conf` is `EVENTSUBJECT` * security/violations * include rules are in `violations.d` * exclude rules are in `violations.ignore.d` * subject line option in `logcheck.conf` is `SECURITYSUBJECT` * attack/cracking * include rules are in `cracking.d` * exclude rules are in `cracking.ignore.d` * subject line option in `logcheck.conf` is `ATTACKSUBJECT`