X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/dec35a3f16cf549b18439409490e529c0b89bdd8:/roles/journalwatch/files/patterns..fecf6724bb026a4891a89c33356870f83bcd76ee:/roles/journalwatch/templates/static/gitweb.css diff --git a/roles/journalwatch/files/patterns b/roles/journalwatch/files/patterns deleted file mode 100644 index dd3b2d4..0000000 --- a/roles/journalwatch/files/patterns +++ /dev/null @@ -1,73 +0,0 @@ -# In this file, patterns for journalwatch are defined to blacklist all journal -# messages which are not errors. -# -# Lines starting with '#' are comments. Inline-comments are not permitted. -# -# The patterns are separated into blocks delimited by empty lines. Each block -# matches on a log entry field, and the patterns in that block then are matched -# against all messages with a matching log entry field. -# -# The syntax of a block looks like this: -# -# = -# -# [] -# [...] -# -# If starts and ends with a slash, it is interpreted as a regular -# expression, if not, it's an exact match. Patterns are always regular -# expressions. -# -# Below are some useful examples. If you have a small set of users, you might -# want to adjust things like "user \w" to something like "user (root|foo|bar)". -# -# The regular expressions are extended Python regular expressions, for details -# see: -# -# https://docs.python.org/3.4/library/re.html#regular-expression-syntax -# https://docs.python.org/3.4/howto/regex.html -# http://doc.pyschools.com/html/regex.html -# -# The journal fields are explained in systemd.journal-fields(7). - -_SYSTEMD_UNIT = systemd-logind.service -New session [a-z]?\d+ of user \w+\. -Removed session [a-z]?\d+\. - -SYSLOG_IDENTIFIER = /(CROND|crond)/ -pam_unix\(crond:session\): session (opened|closed) for user \w+ -\(\w+\) CMD .* - -SYSLOG_IDENTIFIER = systemd -(Stopped|Stopping|Starting|Started) .* -(Created slice|Removed slice) user-\d+\.slice\. -Received SIGRTMIN\+24 from PID .* -(Reached target|Stopped target) .* -Startup finished in \d+ms\. - -_SYSTEMD_UNIT = init.scope -user@\d+\.service: Killing process \d+ \(kill\) with signal SIGKILL\. - -SYSLOG_IDENTIFIER = sudo -\s*[_\w.-]+ : TTY=(unknown|console|(pts/|ttyp?|vc/)\d+) ; PWD=[^;]+ ; USER=[._\w-]+ ; COMMAND=.* - -_SYSTEMD_UNIT = postfix@-.service -warning: hostname [^\s]+ does not resolve to address [\da-fA-F.:]+(: Name or service not known)? -warning: [._\w-]+\[[\da-fA-F.:]+\]: SASL LOGIN authentication failed: .+ -warning: non-SMTP command from \w+\[[\da-fA-F.:]+\]: .* -warning: TLS library problem: error:[0-9A-F]+:SSL routines:\w+:(no shared cipher|decryption failed or bad record mac|unknown protocol|version too low):[\w./]+:\d+: -Failed to create /user.slice/user-\d+.slice/user@\d+.service/init.scope control group: Permission denied -Failed to allocate manager object: Permission denied - -_SYSTEMD_UNIT = dovecot.service -auth: Warning: auth client \d+ disconnected with \d+ pending requests: (EOF|Connection reset by peer) - -SYSLOG_IDENTIFIER = sshd -error: Received disconnect from [\da-fA-F.:]+ port \d+:\d+: .* -error: maximum authentication attempts exceeded for (invalid user \w*|\w+) from [\da-fA-F.:]+ port \d+ ssh2( \[preauth\])? - -_SYSTEMD_UNIT = bind9.service -client [\da-fA-F.:]+#\d+ \([\w.-]+\): (zone transfer '[\w.-]+/AXFR/IN' denied|message parsing failed: (bad compression pointer|bad label type)) - -_SYSTEMD_UNIT = opendkim.service -[A-Z0-9]+: (bad signature data|failed to parse [Aa]uthentication-[Rr]esults: header field)