[Logcheck-commits] =?UTF-8?Q?Fr=C3=A9d=C3=A9ric=20Bri=C3=A8re?=: i.d.s/ssh: ignore " Closed due to user request." (closes: #647943)
Frédéric Brière
fbriere-guest at alioth.debian.org
Mon Jan 16 16:14:51 UTC 2012
Module: logcheck
Branch: master
Commit: ac473effaff556edcc55e03b767a1b567880c89a
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=ac473effaff556edcc55e03b767a1b567880c89a
Author: Frédéric Brière <fbriere at fbriere.net>
Date: Sun Jan 15 19:39:42 2012 -0500
i.d.s/ssh: ignore "Closed due to user request." (closes: #647943)
(I think this was only on lenny, but what the hell.)
---
debian/changelog | 1 +
rulefiles/linux/ignore.d.server/ssh | 2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 2acab44..69d4cb9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,7 @@ logcheck (1.3.15) UNRELEASED; urgency=low
[ Frédéric Brière ]
* ignore.d.server/ssh:
- ignore "PAM $n more authentication failures"
+ - ignore "Closed due to user request." (closes: #647943)
-- Hannes von Haugwitz <hannes at vonhaugwitz.com> Fri, 16 Dec 2011 08:06:47 +0100
diff --git a/rulefiles/linux/ignore.d.server/ssh b/rulefiles/linux/ignore.d.server/ssh
index d6678ef..5df801f 100644
--- a/rulefiles/linux/ignore.d.server/ssh
+++ b/rulefiles/linux/ignore.d.server/ssh
@@ -11,7 +11,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: PAM pam_putenv: delete non-existent entry; [[:alnum:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed keyboard-interactive(/pam)? for [^[:space:]]+ from [^[:space:]]+ port [[:digit:]]+( (ssh|ssh2))?$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: [12]: Timeout, server not responding\.$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: 11: disconnected by user$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: 11: (disconnected by user|Closed due to user request\.)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Client disconnect$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Disconnect requested by Windows SSH Client\.$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Server listening on [:[:xdigit:].]+ port [[:digit:]]+\.$
More information about the Logcheck-commits
mailing list