Add refused AXFRs

1 files changed, 6 insertions, 5 deletions

diff --git a/files/etc/logcheck/ignore.d.server/local-nsd b/files/etc/logcheck/ignore.d.server/local-nsd
index 8cf9d42..b733f09 100644
--- a/files/etc/logcheck/ignore.d.server/local-nsd
+++ b/files/etc/logcheck/ignore.d.server/local-nsd
@@ -1,15 +1,16 @@
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: axfr for [[:alnum:].-]+ from [[:xdigit:].:]+$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: axfr for [[:alnum:].-]+ from [[:xdigit:].:]+ refused, no acl matches$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: failed reading from [[:xdigit:].:]+ tcp: Connection reset by peer$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: Handle incoming notify for zone [[:alnum:].-]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: memory recyclebin holds [[:digit:]] bytes$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: notify for [[:alnum:].]+ from [[:xdigit:].:]+ serial [[:digit:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: Notify received and accepted, forward to xfrd$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: NSTATS [[:digit:]]+ [[:digit:]]+ (A=[[:digit:]]+ )?(NS=[[:digit:]]+ )?(CNAME=[[:digit:]]+ )?(SOA=[[:digit:]]+ )?(PTR=[[:digit:]]+ )?(MX=[[:digit:]]+ )?(TXT=[[:digit:]]+ )?(AAAA=[[:digit:]]+ )?(SRV=[[:digit:]]+ )?(NAPTR=[[:digit:]]+ )?(TYPE38=[[:digit:]]+ )?(NSEC=[[:digit:]]+ )?(DNSKEY=[[:digit:]]+ )?(SPF=[[:digit:]]+ )?(TYPE251=[[:digit:]]+ )?(TYPE252=[[:digit:]]+ )?TYPE255=[[:digit:]]+$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: packet too small, dropping tcp connection$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: signal received, reloading\.\.\.$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: writing zone [[:alnum:].-]+ to file [[:alnum:]-/.]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: xfrd: zone [[:alnum:].]+ committed "received update to serial [[:digit:]]+ at [[:digit:]T:-]+ from [[:xdigit:].:]+"$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: xfrd: zone [[:alnum:].-]+ written received XFR from [[:digit:].]+ with serial [[:digit:]]+ to disk$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: axfr for [[:alnum:].-]+ from [[:xdigit:].:]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: XSTATS [[:digit:]]+ [[:digit:]]+ RR=[[:digit:]]+ RNXD=[[:digit:]]+ RFwdR=[[:digit:]]+ RDupR=[[:digit:]]+ RFail=[[:digit:]]+ RFErr=[[:digit:]]+ RErr=[[:digit:]]+ RAXFR=[[:digit:]]+ RLame=[[:digit:]]+ ROpts=[[:digit:]]+ SSysQ=[[:digit:]]+ SAns=[[:digit:]]+ SFwdQ=[[:digit:]]+ SDupQ=[[:digit:]]+ SErr=[[:digit:]]+ RQ=[[:digit:]]+ RIQ=[[:digit:]]+ RFwdQ=[[:digit:]]+ RDupQ=[[:digit:]]+ RTCP=[[:digit:]]+ SFwdR=[[:digit:]]+ SFail=[[:digit:]]+ SFErr=[[:digit:]]+ SNaAns=[[:digit:]]+ SNXD=[[:digit:]]+ RUQ=[[:digit:]]+ RURQ=[[:digit:]]+ RUXFR=[[:digit:]]+ RUUpd=[[:digit:]]+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: zone [[:alnum:].]+\. received update to serial [[:digit:]]+ at [[:digit:]T:-]+ from [[:xdigit:].:]+ of [[:digit:]]+ bytes in [[:digit:]e.-]+ seconds$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: zone [[:alnum:].]+ serial [[:digit:]]+ is updated to [[:digit:]]+\.$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: Zone [[:alnum:].-]+ serial [[:digit:]]+ is updated to [[:digit:]]+.$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: failed reading from [[:xdigit:].:]+ tcp: Connection reset by peer$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: packet too small, dropping tcp connection$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nsd\[[[:digit:]]+\]: [Zz]one [[:alnum:].-]+ serial [[:digit:]]+ is updated to [[:digit:]]+\.$