summaryrefslogtreecommitdiff
path: root/logcheck/ignore.d.server/tmp
diff options
context:
space:
mode:
Diffstat (limited to 'logcheck/ignore.d.server/tmp')
-rw-r--r--logcheck/ignore.d.server/tmp60
1 files changed, 30 insertions, 30 deletions
diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp
index 1593f31..c7e66a7 100644
--- a/logcheck/ignore.d.server/tmp
+++ b/logcheck/ignore.d.server/tmp
@@ -1,38 +1,38 @@
-IMP\[.*\]: FAILED .* to .*:143 as .*
-PAM_unix\[.*\]: authentication failure; \(uid=0\) -> .* for (imap|netatalk|pop|samba|ssh) service
-afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM (Auth OK!|Success -- .*|User entered a null value -- .*)
-afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM_Error: Authentication failure -- (Bad file descriptor|Invalid argument)
-afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM: User entered a null value -- No such file or directory
-afpd\[.*\]: afp_getsrvrparms: stat /volumes/(km/kmstab/kmstab|kp/kp/kp(/kp|/kpstab|stab/kpstab)|misc/flstab/flstab): Permission denied
-afpd\[.*\]: bad function 7A
-atalkd\[.*\]: as_timer sendto: Netvaerket er ikke tilgaengeligt
-FaxGetty\[.*\]: ANSWER: Can not lock modem device
-gnome-name-server\[.*\]: server_is_alive: .*
-i(map|pop3)d\[.*\]: (AUTHENTICATE (LOGIN|PLAIN) failure|Login failed)( user=.*)? host=(.* )?\[.*\]
-ipppd\[.*\]: Connect\[0\]: /dev/ippp[[:digit:]], fd: 12
+IMP\[[0-9]+\]: FAILED .* to .*:143 as .*
+PAM_unix\[[0-9]+\]: authentication failure; \(uid=0\) -> .* for (imap|netatalk|pop|samba|ssh) service
+afpd\[[0-9]+\]: uams_dhx_pam\.c :PAM: PAM (Auth OK!|Success -- .*|User entered a null value -- .*)
+afpd\[[0-9]+\]: uams_dhx_pam\.c :PAM: PAM_Error: Authentication failure -- (Bad file descriptor|Invalid argument)
+afpd\[[0-9]+\]: uams_dhx_pam\.c :PAM: PAM: User entered a null value -- No such file or directory
+afpd\[[0-9]+\]: afp_getsrvrparms: stat /volumes/(km/kmstab/kmstab|kp/kp/kp(/kp|/kpstab|stab/kpstab)|misc/flstab/flstab): Permission denied
+afpd\[[0-9]+\]: bad function 7A
+atalkd\[[0-9]+\]: as_timer sendto: Netvaerket er ikke tilgaengeligt
+FaxGetty\[[0-9]+\]: ANSWER: Can not lock modem device
+gnome-name-server\[[0-9]+\]: server_is_alive: .*
+i(map|pop3)d\[[0-9]+\]: (AUTHENTICATE (LOGIN|PLAIN) failure|Login failed)( user=.*)? host=(.* )?\[.*\]
+ipppd\[[0-9]+\]: Connect\[0\]: /dev/ippp[[:digit:]], fd: 12
kernel: Disorder[[:digit:]] [[:digit:]] [[:digit:]] f[[:digit:]] s[[:digit:]] rr[[:digit:]]
kernel: IP_MASQ:reverse ICMP: failed checksum from .*!
kernel: OPEN: [\.[:digit:]]* -> [\.[:digit:]]* UDP, port: [[:digit:]]* -> [[:digit:]]*
kernel: Packet log: input DENY eth1 PROTO=1 0.0.0.0:5 10.0.0.40:1 L=427 S=0xD0 I=0 F=0x4000 T=255 \(#22\)
kernel: lp[[:digit:]]: compatibility mode
kernel: Undo( partial)? (Hoe|loss|retrans)
-ntpd\[.*\]: synchronisation lost
-ntpd\[.*\]: synchronisation lost
-ntpd\[.*\]: time reset [\.[:digit:]-]* .
-ntpd\[.*\]: time reset [\.[:digit:]-]+ s
-portsentry\[.*\]: attackalert: .*
-pumpd\[.*\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument
-smbd\[.*\]: read_socket_data: recv failure for 4. Error = No route to host
-smbd\[.*\]: smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User [[:alnum:]]+ !
-smbd\[.*\]: yield_connection: tdb_delete for name failed with error Record does not exist\.
-smbd\[.*\]: \[.*\] smbd/connection.c:yield_connection\([[:digit:]]+\)
-smbd\[.*\]: \[.*\] passdb/pampass.c:smb_pam_passcheck\([[:digit:]]+\)
-sshd\[.*]: Failed password for .*
-sshd\[.*\]: packet_set_maxsize: setting to 4096
+ntpd\[[0-9]+\]: synchronisation lost
+ntpd\[[0-9]+\]: synchronisation lost
+ntpd\[[0-9]+\]: time reset [\.[:digit:]-]* .
+ntpd\[[0-9]+\]: time reset [\.[:digit:]-]+ s
+portsentry\[[0-9]+\]: attackalert: .*
+pumpd\[[0-9]+\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument
+smbd\[[0-9]+\]: read_socket_data: recv failure for 4. Error = No route to host
+smbd\[[0-9]+\]: smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User [[:alnum:]]+ !
+smbd\[[0-9]+\]: yield_connection: tdb_delete for name failed with error Record does not exist\.
+smbd\[[0-9]+\]: \[.*\] smbd/connection.c:yield_connection\([[:digit:]]+\)
+smbd\[[0-9]+\]: \[.*\] passdb/pampass.c:smb_pam_passcheck\([[:digit:]]+\)
+sshd\[[0-9]+\]: Failed password for .*
+sshd\[[0-9]+\]: packet_set_maxsize: setting to 4096
dhcpd-2.2.x: BOOTREQUEST from (00:20:6b:18:20:35|08:00:86:11:2b:71)
dhcpd-2.2.x: No applicable record for BOOTP host (00:20:6b:18:20:35|08:00:86:11:2b:71)
-postfix.*\[.*\]: .* from=<groove@mailomat.grooveattack.com>
-postfix/smtpd\[.*\]: warning: Illegal address syntax from [\.[:alnum:]-]+\[[\.[:digit:]]+\] in MAIL command: <C:\\Email\\Headers\\fresh froms 5-1\.txt>
+postfix.*\[[0-9]+\]: .* from=<groove@mailomat.grooveattack.com>
+postfix/smtpd\[[0-9]+\]: warning: Illegal address syntax from [\.[:alnum:]-]+\[[\.[:digit:]]+\] in MAIL command: <C:\\Email\\Headers\\fresh froms 5-1\.txt>
rpc.mountd: authenticated mount request from .* for .*
snort: .*FrontPage
snort: IDS015 - RPC - portmap-request-status:
@@ -54,9 +54,9 @@ snort: spp_portscan: PORTSCAN DETECTED
snort: spp_portscan: portscan status from
snort: WEB-../..:
snort: WEB-CGI-upload.pl:
-postgres\[.*\]: \[.*\] DEBUG:
-postgres\[.*\]: \[[0-9-]*\] Re-using: Free/Avail. Space .* EndEmpty/Avail\. Pages .* CPU .* sec\.
-postgres\[.*\]: \[[0-9-]*\] [0-9]*; Re-using: Free/Avail. Space .* EndEmpty/Avail\. Pages .* CPU .* sec\.
+postgres\[[0-9]+\]: \[.*\] DEBUG:
+postgres\[[0-9]+\]: \[[0-9-]*\] Re-using: Free/Avail. Space .* EndEmpty/Avail\. Pages .* CPU .* sec\.
+postgres\[[0-9]+\]: \[[0-9-]*\] [0-9]*; Re-using: Free/Avail. Space .* EndEmpty/Avail\. Pages .* CPU .* sec\.
printer: offline or intervention needed
#old-style pam entries (no longer provided by logcheck but needed on woody
PAM_.*: .* session opened for user .*
generated by cgit v1.2.3 (git 2.46.0) at 2025-01-12 19:19:17 +0000