X-Git-Url: https://git.phdru.name/?a=blobdiff_plain;ds=sidebyside;f=playbooks%2Fdebian%2Froles%2Flogcheck%2Ffiles%2Fignore.d%2Flocal-ssh;fp=playbooks%2Fdebian%2Froles%2Flogcheck%2Ffiles%2Fignore.d%2Flocal-ssh;h=dd754294d95af1a538d9595b68b349fbf1e91a5d;hb=25191cf9bc1d011a6d82706c917013ac8e1d9160;hp=0000000000000000000000000000000000000000;hpb=4359bb87040b0c557aa6d74602c0ff9774bbc5a7;p=ansible.git

diff --git a/playbooks/debian/roles/logcheck/files/ignore.d/local-ssh b/playbooks/debian/roles/logcheck/files/ignore.d/local-ssh
new file mode 100644
index 0000000..dd75429
--- /dev/null
+++ b/playbooks/debian/roles/logcheck/files/ignore.d/local-ssh
@@ -0,0 +1,16 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: (error: )?Received disconnect from
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: (packet_write_wait|ssh_dispatch_run_fatal): Connection from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+: Broken pipe \[preauth\]
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Bad protocol version identification
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Connection (closed|reset) by ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+ \[preauth\]
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Disconnected from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+ \[preauth\]
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Disconnecting: Change of username or service not allowed:
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Disconnecting: Too many authentication failures
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Failed password for invalid user +[A-Za-z0-9 !@#$%^&*_,./\\+-]+ from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Invalid user +[A-Za-z0-9 !@#$%^&*_,./\\+-]* from ([0-9]{1,3}\.){3}[0-9]{1,3}
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: PAM service\(sshd\) ignoring max retries
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Unable to negotiate with ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+: no matching (host key type|key exchange method) found\.
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: (Read from socket|Write) failed: Connection reset by peer
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Unable to negotiate a key exchange method \[preauth\]$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: no hostkey alg \[preauth\]
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: input_userauth_request: invalid user +[A-Za-z0-9 !@#$%^&*_,./\\+-]+ \[preauth\]$