summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHendrik Jäger <hendrik@securosys.ch>2019-09-11 15:20:52 +0200
committerHendrik Jäger <hendrik@securosys.ch>2019-09-11 15:20:52 +0200
commitdbb8864ee041ed31274c2907ef3284008da253ab (patch)
tree4bc5e8e9bde3b76f1318fd6555c5d222c5b3ace7
parent97c9de8910640e17f1087a813362c00603838e54 (diff)
Update logcheck rules for ssh
Diffstat
-rw-r--r--files/etc/logcheck/ignore.d.server/local-ssh1
1 files changed, 1 insertions, 0 deletions
diff --git a/files/etc/logcheck/ignore.d.server/local-ssh b/files/etc/logcheck/ignore.d.server/local-ssh
index 67c5341..9fcbca9 100644
--- a/files/etc/logcheck/ignore.d.server/local-ssh
+++ b/files/etc/logcheck/ignore.d.server/local-ssh
@@ -8,6 +8,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Could not write ident string to UNKNOWN$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Did not receive identification string from ([:[:xdigit:].]+|UNKNOWN)+ port [[:digit:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from [:[:xdigit:].]+ port [[:digit:]]+ \[preauth\]$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from user [[:alnum:]]+ [:[:xdigit:].]+ port [[:digit:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from (authenticating|invalid) user [[:alnum:][:punct:]]* [:[:xdigit:].]+ port [[:digit:]]+ \[preauth\]$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnecting: bad client public DH value \[preauth\]$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnecting: Change of username or service not allowed: \([^,]*,ssh-connection\) -> \([^,]*,[^)]+\)? \[preauth\]$
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-16 02:06:11 +0000