^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: banner exchange: Connection from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+: (Broken pipe|could not read protocol version|invalid format)
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: dispatch_protocol_error: type [0-9]+ seq [0-9]+ \[preauth\]
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: drop connection #[0-9]+ from \[(UNKNOWN|([0-9]{1,3}\.){3}[0-9]{1,3})\]:-?[0-9]+ on \[([0-9]{1,3}\.){3}[0-9]{1,3}\]:22 past MaxStartups
+^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: drop connection .+ penalty: failed authentication$
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: Bad remote protocol version identification:
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: beginning MaxStartups throttling
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: connect to [^ ]+ port [0-9]+ failed: Network is unreachable$
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: kex_protocol_error: type [23]0 seq [0-9]+ \[preauth\]
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: maximum authentication attempts exceeded for .+ from ([0-9]{1,3}\.){3}[0-9]{1,3} port [0-9]+ ssh2 \[preauth\]
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: send_error: write: Connection reset by peer$
-^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: userauth_passwd: parse packet: invalid format \[preauth\]$
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: error: userauth_pubkey: parse key: invalid format \[preauth\]
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: exited MaxStartups throttling
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: (Read from socket|Write) failed: Connection reset by peer
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: Unable to negotiate a key exchange method \[preauth\]$
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: no hostkey alg \[preauth\]
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: userauth_finish: send failure packet: (Broken pipe|Connection reset by peer) \[preauth\]$
+^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: userauth_passwd: parse packet: invalid format \[preauth\]$
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: fatal: userauth_pubkey: parse (publickey packet|request failed): incomplete message \[preauth\]
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: input_userauth_request: invalid user .+\[preauth\]$
^[0-9]{4}-[0-9]{2}-[0-9]{2}T[ .:+0-9]+ [._[:alnum:]-]+ sshd(-session)?\[[0-9]+\]: pam_unix\(sshd:auth\): authentication failure
projects / ansible.git / commitdiff