[Logcheck-commits] r1212 - in logcheck/trunk: debian
rulefiles/linux/ignore.d.server
madduck at users.alioth.debian.org
madduck at users.alioth.debian.org
Wed Sep 13 16:12:56 UTC 2006
Author: madduck
Date: 2006-09-13 16:12:56 +0000 (Wed, 13 Sep 2006)
New Revision: 1212
Modified:
logcheck/trunk/debian/changelog
logcheck/trunk/rulefiles/linux/ignore.d.server/proftpd
Log:
* ignore.d.server/proftpd: fixed rule to ignore unknown user logins.
Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog 2006-08-13 10:47:20 UTC (rev 1211)
+++ logcheck/trunk/debian/changelog 2006-09-13 16:12:56 UTC (rev 1212)
@@ -30,6 +30,7 @@
* ignore.d.server/cron-apt: fixed several rules for corner cases.
* ignore.d.server/postfix: added rule for server greeting timeout.
* ignore.d.server/postfix: also add msgid status messages by cleanup daemon.
+ * ignore.d.server/proftpd: fixed rule to ignore unknown user logins.
* ignore.d.server/spamd: fixed rule for config location message.
* ignore.d.server/kernel: partially undo link status message filter, now
only filters up messages, not the down ones. By nature of the link status,
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/proftpd
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/proftpd 2006-08-13 10:47:20 UTC (rev 1211)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/proftpd 2006-09-13 16:12:56 UTC (rev 1212)
@@ -5,5 +5,5 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\) - ANON (anonymous|ftp): Login successful.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\) - mod_delay/[0-9.]+: delaying for [0-9]+ usecs$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\) - FTP no transfer timeout, disconnected$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\) - USER [-_.[:alnum:]]+: no such user found from \([._[:alnum:]-]+ \[[.:[:xdigit:]]+\]\) to [.:[:xdigit:]]+:[[:digit:]]{2,5}$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\) - USER [-_.[:alnum:]]+: no such user found from [._[:alnum:]-]+ \[[.:[:xdigit:]]+\] to [.:[:xdigit:]]+:[[:digit:]]{2,5}$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\) - no such user '[-_.[:alnum:]]+'$
More information about the Logcheck-commits
mailing list