From: Hendrik Jäger Date: Thu, 13 Jun 2024 12:10:51 +0000 (+0200) Subject: missing quantifier X-Git-Url: https://git.netwichtig.de/gitweb/?a=commitdiff_plain;p=user%2Fhenk%2Fcode%2Fpuppet%2Fmodules%2Flogcheck.git missing quantifier --- diff --git a/files/etc/logcheck/ignore.d.server/local-auditd b/files/etc/logcheck/ignore.d.server/local-auditd index 3160455..04e218b 100644 --- a/files/etc/logcheck/ignore.d.server/local-auditd +++ b/files/etc/logcheck/ignore.d.server/local-auditd @@ -50,4 +50,4 @@ ^((\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ audit\[[[:digit:]]+\]: )?USER_END pid=[[:digit:]]+ uid=[[:digit:]]+ auid=[[:digit:]]+ ses=[[:digit:]]+ subj=unconfined msg='op=PAM:session_close grantors=(pam_[[:alnum:]]+,?)+ acct="[[:alnum:]@_-]+" exe="[[:alnum:]/]+" hostname=(\?|[[:alnum:]:.]+) addr=(\?|[[:alnum:]:.]+) terminal=[^[:space:]]+ res=success' ^((\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ audit\[[[:digit:]]+\]: )?USER_LOGIN pid=[[:digit:]]+ uid=[[:digit:]]+ auid=[[:digit:]]+ ses=[[:digit:]]+ subj=unconfined msg='op=login id=[[:digit:]]+ exe="[[:alnum:]/]+" hostname=(\?|[[:alnum:]:.]+) addr=(\?|[[:alnum:]:.]+) terminal=[^[:space:]]+ res=success' ^((\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ audit\[[[:digit:]]+\]: )?USER_START pid=[[:digit:]]+ uid=[[:digit:]]+ auid=[[:digit:]]+ ses=[[:digit:]]+ subj=unconfined msg='op=PAM:session_open grantors=(pam_[[:alnum:]]+,?)+ acct="[[:alnum:]@_-]+" exe="[[:alnum:]/]+" hostname=(\?|[[:alnum:]:.]+) addr=(\?|[[:alnum:]:.]+) terminal=[^[:space:]]+ res=success' -^((\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ audit: )?PROCTITLE proctitle=[[:xdigit:]]$ +^((\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ audit: )?PROCTITLE proctitle=[[:xdigit:]]+$