diff options
| -rw-r--r-- | logcheck/violations.ignore.d/local | 2 | ||||
| -rw-r--r-- | logcheck/violations.ignore.d/su | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local index 4c5957a..463d983 100644 --- a/logcheck/violations.ignore.d/local +++ b/logcheck/violations.ignore.d/local @@ -71,6 +71,8 @@ smbd\[[0-9]+\]: write_socket_data: write failure\. Error = Connection reset by ### violations.ignore.d/ssh sshd\[[0-9]+\]: Failed keyboard-interactive for [^[:space:]]+ from [\.0-9]+ port [0-9]+ ssh2$ ssh\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=[^[:space:]]+ user=[^[:space:]]+$ +### violations.ignore.d/su +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:[[:alnum:]-]+ ?$ ### violations.ignore.d/temp (imap|netatalk|pop|samba)\(pam_unix\)\[[0-9]+\]: authentication failure; logname= uid=0 euid=0 tty=[^[:space:]]* ruser= rhost=[^[:space:]]* user=[[:alnum:]]+$ afpd\[[0-9]+\]: afp_flushfork: of_find: Permission denied diff --git a/logcheck/violations.ignore.d/su b/logcheck/violations.ignore.d/su new file mode 100644 index 0000000..3bf3525 --- /dev/null +++ b/logcheck/violations.ignore.d/su @@ -0,0 +1 @@ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:[[:alnum:]-]+ ?$ |