[Logcheck-commits] r1224 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Fri Oct 6 15:01:48 UTC 2006


Author: madduck
Date: 2006-10-06 15:01:48 +0000 (Fri, 06 Oct 2006)
New Revision: 1224

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/ssh
Log:
* ignore.d.server/ssh: ignoring ssh_msg_recv failure messages.

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2006-10-06 14:53:14 UTC (rev 1223)
+++ logcheck/trunk/debian/changelog	2006-10-06 15:01:48 UTC (rev 1224)
@@ -58,8 +58,9 @@
   [ martin f. krafft ]
   * ignore.d.server/dovecot: ignoring inactivity logouts.
   * ignore.d.server/pdns: ignoring message about new superslave zones.
+  * ignore.d.server/ssh: ignoring ssh_msg_recv failure messages.
 
- -- martin f. krafft <madduck at debian.org>  Fri,  6 Oct 2006 16:52:56 +0200
+ -- martin f. krafft <madduck at debian.org>  Fri,  6 Oct 2006 17:01:23 +0200
 
 logcheck (1.2.47) unstable; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/ssh
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/ssh	2006-10-06 14:53:14 UTC (rev 1223)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/ssh	2006-10-06 15:01:48 UTC (rev 1224)
@@ -19,3 +19,4 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) check pass; user unknown$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAK-?IN ATTEMPT!$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAK-?IN ATTEMPT!$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: recv_rexec_state: ssh_msg_recv failed$




More information about the Logcheck-commits mailing list