[Logcheck-commits] Hannes von Haugwitz: i.d.s/dropbear: new (ignore successful logins)
Hannes von Haugwitz
hvh-guest at alioth.debian.org
Fri Dec 16 08:32:19 UTC 2011
Module: logcheck
Branch: master
Commit: 20a68dbcc687700e37fdcefdc423bdc24822f4ad
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=20a68dbcc687700e37fdcefdc423bdc24822f4ad
Author: Hannes von Haugwitz <hannes at vonhaugwitz.com>
Date: Fri Dec 16 09:23:26 2011 +0100
i.d.s/dropbear: new (ignore successful logins)
closes: #652148
---
debian/changelog | 7 +++++++
rulefiles/linux/ignore.d.server/dropbear | 3 +++
2 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 4f9f77d..ab96dbd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+logcheck (1.3.15) UNRELEASED; urgency=low
+
+ * ignore.d.server/dropbear: new
+ - ignore successful logins (closes: #652148)
+
+ -- Hannes von Haugwitz <hannes at vonhaugwitz.com> Fri, 16 Dec 2011 08:06:47 +0100
+
logcheck (1.3.14) unstable; urgency=low
[ martin f. krafft ]
diff --git a/rulefiles/linux/ignore.d.server/dropbear b/rulefiles/linux/ignore.d.server/dropbear
new file mode 100644
index 0000000..d76e1e8
--- /dev/null
+++ b/rulefiles/linux/ignore.d.server/dropbear
@@ -0,0 +1,3 @@
+^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dropbear\[[[:digit:]]+\]: Child connection from [.:[:xdigit:]]+:[[:digit:]]+$
+^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dropbear\[[[:digit:]]+\]: pubkey auth succeeded for '[[:alnum:]-]+' with key md5 ([[:xdigit:]]{2}:){15}[[:xdigit:]]{2} from [.:[:xdigit:]]+:[[:digit:]]+$
+^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dropbear\[[[:digit:]]+\]: exit after auth \([[:alnum:]-]+\): Exited normally$
More information about the Logcheck-commits
mailing list