Testing logcheck rules…

17 Mar

I keep on forgetting how to do this, so that’s simply a short reminder. Running this command will show the MATCHING lines for the rules in the given rule-file:

RULES="ntp-local"
LOGF="/tmp/syslog_logcheck_testfile"
sudo -u logcheck logcheck-test --rule-file $RULES --log-file $LOGF