/etc/octopussy/conf/services/Audispd.xml is in octopussy 1.0.6-0ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | <?xml version='1.0' encoding='UTF-8'?>
<octopussy_service description="Audit Event Multiplexor Service"
name="Audispd"
version="201004300005"
website="">
<message loglevel="Information"
msg_id="Audispd:max_restarts_parser_called_with"
pattern="<@DATE_TIME_ISO:datetime@> <@WORD:device@> <@REGEXP("audispd"):daemon@>: <@REGEXP("max_restarts_parser called with: \d+"):msg@>"
rank="001"
table="Message"
taxonomy="Application" />
<message loglevel="Information"
msg_id="Audispd:priority_boost_parser_called_with"
pattern="<@DATE_TIME_ISO:datetime@> <@WORD:device@> <@REGEXP("audispd"):daemon@>: <@REGEXP("priority_boost_parser called with: \d+"):msg@>"
rank="002"
table="Message"
taxonomy="Application" />
<message loglevel="Information"
msg_id="Audispd:plugin_initialized"
pattern="<@DATE_TIME_ISO:datetime@> <@WORD:device@> <@REGEXP("audispd"):daemon@>: <@REGEXP(".+ plugin initialized"):msg@>"
rank="003"
table="Message"
taxonomy="Application" />
<message loglevel="Information"
msg_id="Audispd:audispd_initialized_with_q_depth_and_active_plugins"
pattern="<@DATE_TIME_ISO:datetime@> <@WORD:device@> <@REGEXP("audispd"):daemon@>: <@REGEXP("audispd initialized with q_depth=\d+ and \d+ active plugins"):msg@>"
rank="004"
table="Message"
taxonomy="Application" />
</octopussy_service>
|