diff options
| -rw-r--r-- | logcheck/ignore.d.server/postfix | 1 | ||||
| -rw-r--r-- | logcheck/ignore.d.server/tmp | 5 | ||||
| -rw-r--r-- | logcheck/violations.ignore.d/temp | 1 |
3 files changed, 7 insertions, 0 deletions
diff --git a/logcheck/ignore.d.server/postfix b/logcheck/ignore.d.server/postfix index e9dff94..94eeb10 100644 --- a/logcheck/ignore.d.server/postfix +++ b/logcheck/ignore.d.server/postfix @@ -1,4 +1,5 @@ postfix.* table has changed -- exiting +postfix/cleanup\[.*\]: warning: premature end-of-input from cleanup socket while reading input attribute name postfix/local\[.*\]: warning: unable to create lock file /var/mail/[[:alnum:]]+\.lock: Permission denied postfix/smtp\[.*\]: .*: to=<.*>, relay=none, delay=[[:digit:]]+, status=deferred \(connect to .*\[.*\]: (Connection refused|server refused mail service)\) postfix/smtp\[.*\]: connect to .*\[.*\]: (Connection (refused|timed out)|read timeout|server (refused mail service|dropped connection)|No route to host) \(port 25\) diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp index f080db9..805ae4d 100644 --- a/logcheck/ignore.d.server/tmp +++ b/logcheck/ignore.d.server/tmp @@ -39,3 +39,8 @@ snort: IIS- snort: FrontPage- snort: spp_portscan: portscan status from snort: IDS246 - MISC - Large ICMP Packet: +snort: NETBIOS-SMB-C: +snort: NETBIOS-SMB-CD...: +snort: spp_portscan: PORTSCAN DETECTED +snort: spp_portscan: End of portscan +snort: IDS029 - SCAN-Possible Queso Fingerprint attempt: diff --git a/logcheck/violations.ignore.d/temp b/logcheck/violations.ignore.d/temp index 44128ce..a47f421 100644 --- a/logcheck/violations.ignore.d/temp +++ b/logcheck/violations.ignore.d/temp @@ -2,6 +2,7 @@ afpd\[.*\]: error removing /.+/net[\.[:digit:]]+node[[:digit:]]+: Permission den afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM_Error: Authentication failure -- (Bad file descriptor|Invalid argument) afpd\[.*\]: afp_getsrvrparms: stat /volumes/(km/kmstab/kmstab|kp/kp(/kp|/kpstab|stab/kpstab)|misc/flstab/flstab): Permission denied afpd\[.*\]: bad function 7A +afpd\[.*\]: afp_flushfork: of_find: Permission denied IMP\[.*\]: FAILED .* to .*:143 as .* i(map|pop3)d\[.*\]: (AUTHENTICATE (LOGIN|PLAIN) failure|Login failed)( user=.*)? host=(.* )?\[.*\] kernel: IP_MASQ:reverse ICMP: failed checksum from .*! |