From: Ralf Jung Date: Mon, 16 Apr 2018 20:36:38 +0000 (+0200) Subject: journalwatch: ssh X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/b63de6591c2703d1614428d9fb455e6c6ce9d3ba?hp=2765f5511a2b3774ec7c66a4e13aaf6df2668c2d journalwatch: ssh --- diff --git a/roles/journalwatch/files/patterns b/roles/journalwatch/files/patterns index 8f2b9f7..e1ba50a 100644 --- a/roles/journalwatch/files/patterns +++ b/roles/journalwatch/files/patterns @@ -60,7 +60,7 @@ SYSLOG_IDENTIFIER = sshd error: Received disconnect from [\da-fA-F.:]+ port \d+:\d+: .* error: maximum authentication attempts exceeded for invalid user \w+ from [\da-fA-F.:]+ port \d+ ssh2( \[preauth\])? pam_unix\(sshd:auth\): check pass; user unknown -(pam_unix\(sshd:auth\): authentication failure|PAM \d+ more authentication failures); logname= uid=0 euid=0 tty=ssh ruser= rhost=[\da-fA-F.:]+( user=root)? +(pam_unix\(sshd:auth\): authentication failure|PAM \d+ more authentication failures?); logname= uid=0 euid=0 tty=ssh ruser= rhost=[\da-fA-F.:]+( user=root)? _SYSTEMD_UNIT = bind9.service client [\da-fA-F.:]+#\d+ \([\w.-]+\): (zone transfer '[\w.-]+/AXFR/IN' denied|message parsing failed: (bad compression pointer|bad label type))