diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2003-05-14 16:21:35 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2003-05-14 16:21:35 +0000 |
| commit | 705b53fccac364516bd4e57bb5084a97e9d5ffa3 (patch) | |
| tree | 3ab88eef3c0b2c0571a372a2addd1377ba23f36d | |
| parent | 0db2b007ab314c17c77e307674d26b363e82a8fb (diff) | |
Really fix ignoring ssh failed logins.
| -rw-r--r-- | logcheck/violations.ignore.d/local | 2 | ||||
| -rw-r--r-- | logcheck/violations.ignore.d/ssh | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local index e2afa56..556a4fe 100644 --- a/logcheck/violations.ignore.d/local +++ b/logcheck/violations.ignore.d/local @@ -66,7 +66,7 @@ proftpd\[[0-9]+\]: [^[:space:]]+ \([^[:space:]\[]+\[[\.0-9]+\]\) - USER anonymou smbd\[[0-9]+\]: read(_socket)?_data: (read|recv) failure for 4\. Error = (No route to host|Connection reset by peer)$ ### violations.ignore.d/ssh sshd\[[0-9]+\]: Failed keyboard-interactive for [^[:space:]]+ from [\.0-9]+ port [0-9]+ ssh2$ -ssh\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=[^[space]]+ user=[^[space]]+$ +ssh\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=[^[:space:]]+ user=[^[:space:]]+$ ### violations.ignore.d/temp (imap|netatalk|pop|samba)\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=[^[:space:]]* ruser= rhost=[^[:space:]]* user=[[:alnum:]]+$ afpd\[[0-9]+\]: afp_flushfork: of_find: Permission denied diff --git a/logcheck/violations.ignore.d/ssh b/logcheck/violations.ignore.d/ssh index fc3c2fc..fb1f8e7 100644 --- a/logcheck/violations.ignore.d/ssh +++ b/logcheck/violations.ignore.d/ssh @@ -1,2 +1,2 @@ sshd\[[0-9]+\]: Failed keyboard-interactive for [^[:space:]]+ from [\.0-9]+ port [0-9]+ ssh2$ -ssh\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=[^[space]]+ user=[^[space]]+$ +ssh\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=[^[:space:]]+ user=[^[:space:]]+$ |