Table 2. Logcheck Keywords

File Name and Description

logcheck.hacking -- Keywords that are known attacks on your system. Keywords that match words in this file are marked as “ACTIVE SYSTEM ATTACK”.

logcheck.ignore -- Keywords to ignore and not report as unusual system activity.

logcheck.violations -- Keywords that are usually seen as negative, such as “denied” and “refused” but which may be routine to a working system.

logcheck.violations.ignore -- Keywords that may be logged as a violation, but that are common and may be ignored, i.e., sendmail connection refused.