[Logcheck-commits] [SCM] logcheck source and rules branch, master, updated. debian/1.3.14-1-g20a68db
Hannes von Haugwitz
hannes at vonhaugwitz.com
Fri Dec 16 08:32:19 UTC 2011
The following commit has been merged in the master branch:
commit 20a68dbcc687700e37fdcefdc423bdc24822f4ad
Author: Hannes von Haugwitz <hannes at vonhaugwitz.com>
Date: Fri Dec 16 09:23:26 2011 +0100
i.d.s/dropbear: new (ignore successful logins)
closes: #652148
diff --git a/debian/changelog b/debian/changelog
index 4f9f77d..ab96dbd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+logcheck (1.3.15) UNRELEASED; urgency=low
+
+ * ignore.d.server/dropbear: new
+ - ignore successful logins (closes: #652148)
+
+ -- Hannes von Haugwitz <hannes at vonhaugwitz.com> Fri, 16 Dec 2011 08:06:47 +0100
+
logcheck (1.3.14) unstable; urgency=low
[ martin f. krafft ]
diff --git a/rulefiles/linux/ignore.d.server/dropbear b/rulefiles/linux/ignore.d.server/dropbear
new file mode 100644
index 0000000..d76e1e8
--- /dev/null
+++ b/rulefiles/linux/ignore.d.server/dropbear
@@ -0,0 +1,3 @@
+^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dropbear\[[[:digit:]]+\]: Child connection from [.:[:xdigit:]]+:[[:digit:]]+$
+^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dropbear\[[[:digit:]]+\]: pubkey auth succeeded for '[[:alnum:]-]+' with key md5 ([[:xdigit:]]{2}:){15}[[:xdigit:]]{2} from [.:[:xdigit:]]+:[[:digit:]]+$
+^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dropbear\[[[:digit:]]+\]: exit after auth \([[:alnum:]-]+\): Exited normally$
--
logcheck source and rules
More information about the Logcheck-commits
mailing list