From b12202e1e1f2ecd0154fd507319ea2142b571e04 Mon Sep 17 00:00:00 2001
From: Kolan Sh
Date: Sat, 5 Sep 2015 12:22:02 +0300
Subject: [PATCH] Logcheck backbone's rules added.
---
logcheck/ignore.d.server/backbone | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 logcheck/ignore.d.server/backbone
diff --git a/logcheck/ignore.d.server/backbone b/logcheck/ignore.d.server/backbone
new file mode 100644
index 0000000..d8eb8f3
--- /dev/null
+++ b/logcheck/ignore.d.server/backbone
@@ -0,0 +1,11 @@
+# dovecot
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot(\[[0-9]+\])?: (pop3|imap)-login: Login: user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+.*$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot(\[[0-9]+\])?: (pop3|imap)\([^)]*\): Disconnected: Logged out.*$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot(\[[0-9]+\])?: (pop3|imap)\([^)]*\): Connection closed in.*$
+
+# cron
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (CROND|crond|run-crons)(\[[0-9]+\])?: .*$
+
+# syn-flood
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ kernel: IPTables SYN-FLOOD: .*$
+
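Review bot: The cron rule under `# cron` ends in `: .*$`, so every line logged by CROND, crond or run-crons is dropped from the logcheck report, not only routine job starts. That would presumably also hide job failures, crontab reloads or edits, and jobs running for an account that should have none, which are the lines a reviewer wants to see when checking for unexpected scheduled tasks. Consider matching only the routine message, for example `^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (CROND|crond)(\[[0-9]+\])?: \([-_.[:alnum:]]+\) CMD \(.*\)$`, after checking it against this host's real log lines, and adding a separate narrow rule for run-crons if it is noisy. The `# syn-flood` rule has the same trailing wildcard and removes every kernel line carrying that iptables prefix, so its comment should say where those events are counted or alerted on instead, e.g. `# syn-flood: rate-limited LOG lines, alerting handled by <monitoring system>`.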