aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan Kangas <skangas@skangas.se>2010-10-29 20:43:11 +0200
committerStefan Kangas <skangas@skangas.se>2010-10-29 20:43:11 +0200
commit03a9e8cf5e71bb97e9af7f4223b1225d203ebc2a (patch)
treec056030d4029d20df8512ac6409a244b7974f702
parentbdc0cf5fdc9ead64ac747e6d38f4cdc8e8ba9485 (diff)
logcheck: describe new ssh ignore rules
-rw-r--r--fri-epost-docs.org6
1 files changed, 6 insertions, 0 deletions
diff --git a/fri-epost-docs.org b/fri-epost-docs.org
index 362f62f..de953bb 100644
--- a/fri-epost-docs.org
+++ b/fri-epost-docs.org
@@ -77,6 +77,12 @@ We welcome all critisism, suggestions for improvements, additions etc. Please s
- ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync (disabled|enabled) [0-9]+$
+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync (disabled|enabled|status( change)?) [0-9]+$
+ - /etc/logcheck/ignore.d.server/ssh [until logcheck 1.3.7 hits stable]
+
+ + ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: disconnected by user$
+
+
+
** Configuring aptitude and friends
We're going for a setup where we install many security updates automatically using the package "unattended-upgrades". Automated upgrades are in general not a very good idea, but "unattended-upgrades" takes steps to minimize the issues with this kind of setup. Given the Debian security teams track record we believe the positives outweigh the negatives.