From e46e99242a75424542580c9d05615793295f7239 Mon Sep 17 00:00:00 2001
From: Kolan Sh <backbone@backbone.ws>
Date: Thu, 20 Jul 2017 17:20:54 +0300
Subject: [PATCH] Logcheck: ignore sshd: Connection reset by...

---
 logcheck/ignore.d.server/backbone | 1 +
 1 file changed, 1 insertion(+)

diff --git a/logcheck/ignore.d.server/backbone b/logcheck/ignore.d.server/backbone
index 362b811..71c0c8b 100644
--- a/logcheck/ignore.d.server/backbone
+++ b/logcheck/ignore.d.server/backbone
@@ -17,6 +17,7 @@
 # sshd
 #^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd(\[[0-9]+\])?: .*$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd(\[[0-9]+\])?: (Connection closed by invalid|Invalid user|Did not receive identification|Connection closed by|Received disconnect from|Disconnecting authenticating user|error: maximum authentication|Disconnected from|Disconnecting invalid user|Unable to negotiate with|Bad protocol version identification|error: Received disconnect from).*$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd(\[[0-9]+\])?: Connection reset by .*$
 
 # sshguard
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshguard(\[[0-9]+\])?: [0-9.]+ has already been blocked$