logcheck - mails anomalies in the system logfiles to the administrator

Property Value
Distribution Ubuntu 18.04 LTS (Bionic Beaver)
Repository Ubuntu Main amd64
Package name logcheck
Package version 1.3.18
Package architecture all
Package type deb
Installed size 152 B
Download size 22.20 KB
Official Mirror archive.ubuntu.com
Logcheck helps spot problems and security violations in your logfiles
automatically and will send the results to you in e-mail.
Logcheck was part of the Abacus Project of security tools, but this
version has been rewritten.


Package Version Architecture Repository
logcheck_1.3.18_all.deb 1.3.18 all Ubuntu Main
logcheck - - -


Name Value
adduser -
cron -
cron-daemon -
default-mta -
lockfile-progs -
logtail >= 1.2.59
mail-transport-agent -
mime-construct -
rsyslog -
system-log-daemon -


Type URL
Binary Package logcheck_1.3.18_all.deb
Source Package logcheck

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install logcheck deb package:
    # sudo apt-get install logcheck




2017-01-25 - Hannes von Haugwitz <hannes@vonhaugwitz.com>
logcheck (1.3.18) unstable; urgency=medium
* src/logcheck:
- fix check if rule files are unreadable, thanks to Simon Ruderich
for the patch (closes: #418147)
* src/logcheck-test:
- make mktemp usage more portable
* Makefile:
- remove duplicate xargs option (thanks to Sander Bos)
* ignore.d.server/dhcp:
- match dhcpd PID (closes: #799041)
* ignore.d.server/dhclient:
- rewrite rules (LP: #1357880, closes: #809605)
* ignore.d.server/ssh:
- add generic preauth disconnect rule (closes: #775090)
- adjust 'Bad protocol version identification' rule, thanks to
Paul Brossier for the patch (closes: #703936)
- allow new FingerprintHash format (closes: #799304)
- match 'ED25519' key type, thanks to Ayke van Laethem for the patch
- match more disconnect messages
* ignore.d.server/su:
- allow '.' and '_' in username (closes: #780441)
* ignore.d.server/rsync:
- allow comma as thousands separator (LP: #1476199)
* ignore.d.workstation/wpasupplicant:
- add another CTRL-EVENT-DISCONNECTED rule
- adjust multiple rules to match added interface name
- allow '.' in SSID
- match 'SME: ' prefix in 'Trying to associate' message
- match 'freq=', 'address=' and 'uuid=' wpa_action messages
- match predictable network interface names
* violations.ignore.d/logcheck-sudo:
- match 'GROUP=' field (closes: #815114)
* ignore.d.server/bind:
- match domain name in query message, thanks to Wojciech Nizinski
for the patch
- ignore DNSSEC rekeying (closes: #825170)
* ignore.d.server/openvpn:
- match arbitrary mtu sizes (closes: #815755)
* ignore.d.server/snmpd:
- match optional port (closes: #644886)
* ignore.d.server/postfix:
- remove obsolete rule (closes: #822165)
* ignore.d.server/systemd-timesyncd: new
- match 'interval/delta/delay/jitter/drift' message
* ignore.d.server/kernel:
- 'TCP: ' prefix is optional, thanks to Xavier Mehrenberger
for the patch (closes: #797512)
* ignore.d.server/systemd: new
- add some generic rules (closes: #783633)
* debian/control:
- add alternate dependency on cron-daemon, thanks to Felix Zielcke for the
patch (closes: #786815)
- use secure Vcs-* fields
- bump to Standards-Version 3.9.8 (no changes necessary)
* debian/copyright: update copyright year to 2017
* Remove obsolete debian/logcheck-database.postinst
* Add support for logcheck.logfiles.d, thanks to Vincas Dargis for
the initial patch (closes: #481353)
* Replace all occurrences of 'deinstall' with 'uninstall', thanks to duelle
for the patch
* Remove references to 'logcheck.org'

See Also

Package Description
login_4.5-1ubuntu1_amd64.deb system login tools
logrotate_3.11.0-0.1ubuntu1_amd64.deb Log rotation utility
logtail_1.3.18_all.deb Print log file lines that have not been read
logwatch_7.4.3+git20161207-2ubuntu1_all.deb log analyser with nice output written in Perl
lp-solve-doc_5.5.0.15-4build1_all.deb Solve (mixed integer) linear programming problems - documentation
lp-solve_5.5.0.15-4build1_amd64.deb Solve (mixed integer) linear programming problems
lsb-base_9.20170808ubuntu1_all.deb Linux Standard Base init script functionality
lsb-release_9.20170808ubuntu1_all.deb Linux Standard Base version reporting utility
lshw_02.18-0.1ubuntu6_amd64.deb information about hardware configuration
lsof_4.89+dfsg-0.1_amd64.deb Utility to list open files
lsscsi_0.28-0.1_amd64.deb list all SCSI devices (or hosts) currently on system
ltrace_0.7.3-6ubuntu1_amd64.deb Tracks runtime library calls in dynamically linked programs
lua-rrd-dev_1.7.0-1build1_amd64.deb time-series data storage and display system (Lua development)
lua-rrd_1.7.0-1build1_amd64.deb time-series data storage and display system (Lua interfaces)
lua5.2-doc_5.2.4-1.1build1_all.deb Documentation for the Lua language version 5.2