Gentoo Archives: gentoo-security

From: Chris <chris@×××××××××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] prelude-lml and log_prefix_regex
Date: Sat, 15 Oct 2005 09:50:37
Message-Id: 4350CFD2.3060600@services-4u.net
In Reply to: [gentoo-security] prelude-lml and log_prefix_regex by Sheran Gunasekera
Yeah, this did the trick :)
Thanks alot Sheran, now i'm able to get some sleep *smiling from one ear
to the other*

Greets, Chris






Sheran Gunasekera wrote:

>Hi Chris, >Give this a go: >(?P<timestamp>.{15}).*?\>\s(?P<hostname>.*?)\s(?:(?P<process>\S+?)(?:\[(?P<pid>[0-9]+)\])?:) > >I'm not using either Snort or Prelude, but I tried this on Python and I >think it >yields the results you require. I wonder about only capturing the first 15 >characters for the timestamp, though. It comes up a bit short. As I am >unsure >of the context it is being used, I cannot comment, but I would capture >at least >19 characters: > >(?P<timestamp>.{19}).*?\>\s(?P<hostname>.*?)\s(?:(?P<process>\S+?)(?:\[(?P<pid>[0-9]+)\])?:) > >Take care, >Sheran > >
-- gentoo-security@g.o mailing list