[Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
CVS User madduck
logcheck-devel at lists.alioth.debian.org
Tue Jul 4 22:47:36 UTC 2006
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d
In directory haydn:/tmp/cvs-serv21749/rulefiles/linux/violations.ignore.d
Modified Files:
logcheck-ssh
Log Message:
* violations.ignore.d/logcheck-postfix: ignore invalid SASL logins, PAM
will complain with more information (closes: #369487).
--- /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-ssh 2006/07/04 22:30:07 1.5
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-ssh 2006/07/04 22:47:36 1.6
@@ -4,3 +4,5 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Broken pipe$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: Connection timed out$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: [-._[:alnum:]]+\[[.[:digit:]]+\]: SASL (LOGIN|PLAIN|(DIGEST|CRAM)-MD5|APOP) authentication failed$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: SASL authentication failure: Password verification failed$
More information about the Logcheck-commits
mailing list