Logcheck backbone's rules added.

Kolan Sh 2015-09-05 12:22:02 +03:00
parent 42f22b5222
commit b12202e1e1
1 changed files with 11 additions and 0 deletions


@ -0,0 +1,11 @@
# dovecot
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot(\[[0-9]+\])?: (pop3|imap)-login: Login: user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+.*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot(\[[0-9]+\])?: (pop3|imap)\([^)]*\): Disconnected: Logged out.*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot(\[[0-9]+\])?: (pop3|imap)\([^)]*\): Connection closed in.*$
# cron
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (CROND|crond|run-crons)(\[[0-9]+\])?: .*$
# syn-flood
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: IPTables SYN-FLOOD: .*$
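Review bot: The cron rule ends in `: .*$`, so it discards every line cron writes, not only routine job starts; job failures, crontab changes and commands run for an unexpected user are suppressed along with the noise. Cron is a common place for persistence to show up, so it would be safer to ignore only the expected entries, for example `^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (CROND|crond)(\[[0-9]+\])?: \((root|EXPECTED_USER)\) CMD \(.*\)$`. Here EXPECTED_USER is a placeholder, and the pattern assumes the usual `(user) CMD (command)` line format, which should be checked against this host's logs. The SYN-FLOOD rule likewise drops all of those kernel lines, so a comment such as `# syn-flood: ignored here, flood volume is tracked via <monitoring source>` would tell the next maintainer where that activity is still visible.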