diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2014-07-04 17:46:27 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:52:37 +0200 |
commit | e6b66f93ab6ce2741e514753fc747f4cde0f595e (patch) | |
tree | 6e18f93db4333b5991d874d0a4e8b4bca586fa9f /roles/common/files/etc/logcheck/ignore.d.server/common-local | |
parent | 065fdc8f78639593ae73532e01dda16fbbb3a727 (diff) |
More logcheck-database tweaks.
Diffstat (limited to 'roles/common/files/etc/logcheck/ignore.d.server/common-local')
-rw-r--r-- | roles/common/files/etc/logcheck/ignore.d.server/common-local | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/roles/common/files/etc/logcheck/ignore.d.server/common-local b/roles/common/files/etc/logcheck/ignore.d.server/common-local index 7614ad8..b587c32 100644 --- a/roles/common/files/etc/logcheck/ignore.d.server/common-local +++ b/roles/common/files/etc/logcheck/ignore.d.server/common-local @@ -4,8 +4,9 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: subsystem request for sftp by user [-_.[:alnum:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: User [-_.[:alnum:]]+ not allowed because account is locked$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Read from socket failed: Connection reset by peer \[preauth\]$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: 11: PECL/ssh2 \(http://pecl.php.net/packages/ssh2\) \[preauth\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: (3: Key exchange negotiation failed\.|11: PECL/ssh2 \(http://pecl.php.net/packages/ssh2\)|11: Normal Shutdown, Thank you for playing|11: Done with connection|14: Unable to connect using the available authentication methods) \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: userauth_pubkey: unsupported public key algorithm: [[:alnum:]-]+ \[preauth\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: (Connection (timed out|reset by peer)|Broken pipe) \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : TTY=(unknown|(pts/|tty|vc/)[[:digit:]]+) ; PWD=[^;]+ ; USER=[._[:alnum:]-]+ (; ENV=([_a-zA-Z]+=\S* )+)?; COMMAND=(/(usr|etc|bin|sbin)/|sudoedit ) ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[.[:digit:]]+" x-pid="[[:digit:]]+" x-info="http://www.rsyslog.com"\] rsyslogd was HUPed$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ ansible-([a-z]+|<stdin>): Invoked with |