diff options
| author | Hendrik Jaeger <root@netwichtig.de> | 2019-05-30 10:36:25 +0200 |
|---|---|---|
| committer | Hendrik Jaeger <root@netwichtig.de> | 2019-05-30 10:36:25 +0200 |
| commit | 34c06d15c6f387ffd1413385d9711c5dc7b7c236 (patch) | |
| tree | a6ee9b2d26d34712e5456dff112130bce8745ec9 /files/etc/logcheck | |
| parent | ec4a521f6087f2add20a48e001bdf8bb264cbde3 (diff) | |
Update logcheck rules for ssh
Diffstat (limited to 'files/etc/logcheck')
| -rw-r--r-- | files/etc/logcheck/ignore.d.server/local-ssh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/files/etc/logcheck/ignore.d.server/local-ssh b/files/etc/logcheck/ignore.d.server/local-ssh index f3bec4f..dbcba01 100644 --- a/files/etc/logcheck/ignore.d.server/local-ssh +++ b/files/etc/logcheck/ignore.d.server/local-ssh @@ -27,6 +27,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: disconnected by user \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: Disconnected on user's request\. \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: disconnect \[preauth\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: end \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: Cooling down ;\) \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: Inchidere normala \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [:.[:xdigit:]]+ port [[:digit:]]+: ?11: JIHAD FROM BU. \[preauth\]$ |