update SSH patterns

[ansible.git] / roles / journalwatch / templates / patterns

diff --git a/roles/journalwatch/templates/patterns b/roles/journalwatch/templates/patterns
index 2afbf284e951a61c2a1ba18327d76e9b186b1c33..a9f2961a7534341f4567eda8e26555a33ed133e4 100644 (file)
--- a/roles/journalwatch/templates/patterns
+++ b/roles/journalwatch/templates/patterns
@@ -85,7 +85,7 @@ auth: Warning: Event 0x[\da-fA-F]+ leaked \(parent=\(nil\)\): auth-client-connec
 SYSLOG_IDENTIFIER = sshd
 error: Received disconnect from [\da-fA-F.:]+ port \d+:\d+: .*
 error: maximum authentication attempts exceeded for (invalid user [\w_-]*|[\w_-]+) from [\da-fA-F.:]+ port \d+ ssh2 \[preauth\]
-error: (kex_exchange_identification|send_error|kex protocol error|Bad remote protocol version identification|Protocol major versions differ|beginning MaxStartups throttling).*
+error: (kex_exchange_identification|send_error|kex_protocol_error|kex protocol error|Bad remote protocol version identification|Protocol major versions differ|beginning MaxStartups throttling).*
 fatal: ssh_packet_get_string: string is too large \[preauth\]
 fatal: userauth_pubkey: parse request failed: incomplete message \[preauth\]
 error: userauth_pubkey: could not parse key: Invalid key length \[preauth\]
@@ -101,4 +101,4 @@ _SYSTEMD_SLICE=system-openvpn.slice
 (client/)?[0-9a-f.:]+ (peer info: .*|VERIFY OK: .*|Outgoing Data Channel: .*|Incoming Data Channel: .*|Control Channel: .*|TLS: .*|\[client\] .*|MULTI(_sva)?: .*|SIGUSR1.*|PUSH: .*|SENT CONTROL \[client\]: .*|WARNING: '(tun|link)-mtu' is used inconsistently, local='(tun|link)-mtu \d+', remote='(tun|link)-mtu \d+')
 
 SYSLOG_IDENTIFIER = kernel
-xfs filesystem being remounted at /run/schroot/mount/schsh-[^ ]* supports timestamps until 2038 (0x7fffffff)
+xfs filesystem being remounted at /run/schroot/mount/schsh-[^ ]* supports timestamps until 2038 \(0x7fffffff\)