Change regex for kdump output to execve JUSTRETURN.
from anton@
qr/syslogd CALL setresuid(.*"_syslogd".*){3}/ => 1,
qr/syslogd CALL setresgid(.*"_syslogd".*){3}/ => 1,
qr/syslogd CALL setsid/ => 0,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
qr/\[\d\] = "-P"/ => 1,
},
},
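Review bot: The literal `qr/syslogd RET execve JUSTRETURN/` is repeated in every ktrace block this commit touches (this hunk and the seven after it), so the next change to kdump's output format will again need one edit per test file. Defining the pattern once in the shared test code and referencing it from each `ktrace` hash would keep these checks in step; they appear to sit next to the `setresuid`/`setresgid` assertions that verify the drop to `_syslogd`. The expected counts (`=> 2` here, `=> 4` in the SIGHUP restart hunk that follows) are also unexplained. A short comment beside the entry, such as `# execve returns: initial start plus the re-exec with -P (confirm)`, would tell a reader what a changed count means. The enclosing `ktrace` hash starts outside this hunk.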
syslogd => {
ktrace => {
qr/syslogd PSIG SIGHUP caught handler/ => 1,
- qr/syslogd RET execve \d+/ => 4,
+ qr/syslogd RET execve JUSTRETURN/ => 4,
},
loggrep => {
qr/config file modified: restarting/ => 1,
syslogd => {
ktrace => {
qr/syslogd PSIG SIGHUP caught handler/ => 2,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
},
loggrep => {
qr/syslogd: restarted/ => 1,
},
ktrace => {
qr/syslogd PSIG SIGHUP caught handler/ => 1,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
},
loghost => '@tcp://127.0.0.1:$connectport',
loggrep => {
},
ktrace => {
qr/syslogd PSIG SIGHUP caught handler/ => 1,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
},
loghost => '@tls://127.0.0.1:$connectport',
loggrep => {
syslogd => {
ktrace => {
qr/syslogd PSIG SIGHUP caught handler/ => 1,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
},
loggrep => {
qr/config file changed: dying/ => 0,
syslogd => {
ktrace => {
qr/syslogd PSIG SIGPIPE/ => 0,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
},
loggrep => { get_between2loggrep() },
},
syslogd => {
ktrace => {
qr/syslogd PSIG SIGTERM caught handler/ => 1,
- qr/syslogd RET execve \d+/ => 2,
+ qr/syslogd RET execve JUSTRETURN/ => 2,
},
loggrep => {
qr/syslogd: exited/ => 1,