logcheck/ignore.d.server/tmp



IMP\[.*\]: FAILED .* to .*:143 as .*
PAM_unix\[.*\]: authentication failure; \(uid=0\) -> .* for (imap|netatalk|pop|samba|ssh) service
afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM (Auth OK!|Success -- .*|User entered a null value -- .*)
afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM_Error: Authentication failure -- (Bad file descriptor|Invalid argument)
afpd\[.*\]: uams_dhx_pam\.c :PAM: PAM: User entered a null value -- No such file or directory
afpd\[.*\]: afp_getsrvrparms: stat /volumes/(km/kmstab/kmstab|kp/kp/kp(/kp|/kpstab|stab/kpstab)|misc/flstab/flstab): Permission denied
afpd\[.*\]: bad function 7A
atalkd\[.*\]: as_timer sendto: Netvaerket er ikke tilgaengeligt
FaxGetty\[.*\]: ANSWER: Can not lock modem device
gnome-name-server\[.*\]: server_is_alive: .*
i(map|pop3)d\[.*\]: (AUTHENTICATE (LOGIN|PLAIN) failure|Login failed)( user=.*)? host=(.* )?\[.*\]
ipppd\[.*\]: Connect\[0\]: /dev/ippp[[:digit:]], fd: 12
kernel: Disorder[[:digit:]] [[:digit:]] [[:digit:]] f[[:digit:]] s[[:digit:]] rr[[:digit:]]
kernel: IP_MASQ:reverse ICMP: failed checksum from .*!
kernel: OPEN: [\.[:digit:]]* -> [\.[:digit:]]* UDP, port: [[:digit:]]* -> [[:digit:]]*
kernel: Packet log: input DENY eth1 PROTO=1 0.0.0.0:5 10.0.0.40:1 L=427 S=0xD0 I=0 F=0x4000 T=255 \(#22\)
kernel: Undo( partial)? (Hoe|loss|retrans)
named\[.*\]: sysquery: findns error \(NXDOMAIN\) on dns\.homebase\.dk\?
named\[.*\]: rcvd NOTIFY\(163.97.195\.in-addr\.arpa, IN, SOA\) from \[195\.97\.163\.2\]\.[[:digit:]]+
named\[.*\]: rcvd NOTIFY for "163\.97\.195\.in-addr\.arpa", name not one of our zones
ntpd\[.*\]: synchronisation lost
ntpd\[.*\]: synchronisation lost
ntpd\[.*\]: time reset [\.[:digit:]-]* .
ntpd\[.*\]: time reset [\.[:digit:]-]+ s
portsentry\[.*\]: attackalert: .*
pumpd\[.*\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument
smbd\[.*\]:   read_socket_data: recv failure for 4. Error = No route to host
smbd\[.*\]:   smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User [[:alnum:]]+ !
smbd\[.*\]:   yield_connection: tdb_delete for name  failed with error Record does not exist\.
smbd\[.*\]: \[.*\] smbd/connection.c:yield_connection\([[:digit:]]+\)
smbd\[.*\]: \[.*\] passdb/pampass.c:smb_pam_passcheck\([[:digit:]]+\)
sshd\[.*]: Failed password for .*
sshd\[.*\]: packet_set_maxsize: setting to 4096
dhcpd-2.2.x: BOOTREQUEST from 00:20:6b:18:20:35
dhcpd-2.2.x: No applicable record for BOOTP host 00:20:6b:18:20:35
postfix.*\[.*\]: .* from=<groove@mailomat.grooveattack.com>
snort: FrontPage-
snort: IDS015 - RPC - portmap-request-status:
snort: IDS029 - SCAN-Possible Queso Fingerprint attempt:
snort: IDS115 - MISC-Traceroute-UDP:
snort: IDS212 - MISC - DNS Zone Transfer:
snort: IDS226 - CVE-1999-0172 - CGI-formmail:
snort: IDS246 - MISC - Large ICMP Packet:
snort: IIS-
snort: MISC-Attempted Sun RPC high port access:
snort: NETBIOS-SMB-C:
snort: NETBIOS-SMB-CD...:
snort: NMAP TCP ping!:
snort: RPC Info Query:
snort: SCAN-SYN FIN:
snort: spp_http_decode: IIS Unicode attack detected:
snort: spp_portscan: End of portscan
snort: spp_portscan: PORTSCAN DETECTED
snort: spp_portscan: portscan status from
snort: WEB-../..:
snort: WEB-CGI-upload.pl:
postgres\[.*\]: \[.*\] DEBUG:
postgres\[.*\]: \[[:digit:]-\] ^ITotal CPU .* sec elapsed .* sec\.