comparison syslog2iptables.conf @ 3:8fe310e5cd44

initial coding
author carl
date Sun, 27 Nov 2005 21:12:01 -0800
parents 551433a01cab
children 2737ab01659a
2:6e88da080f08 3:8fe310e5cd44
1 file "/var/log/cisco.log" { 1 threshold 600;
2 parser cisco; 2
3 ignore {
4 127.0.0.0/8; // localhost
5 205.147.40.32/26; // 510sg
6 205.147.0.100/24; // digilink
7 205.147.39.128/25; // ams
3 }; 8 };
4 9
5 file "/var/log/messages" { 10 file "/var/log/cisco.log" {
6 parser ssh; 11 pattern "Internet_Firewall denied (tcp|udp) ([^(]*)" {
12 index 2; // zero based
13 bucket 200;
14 };
7 }; 15 };
16
17 file "messages.log" {
18 pattern "sshd.pam_unix.*authentication failure.*rhost=(.*) user=" {
19 index 1; // zero based
20 bucket 300;
21 };
22 pattern "sshd.pam_unix.*authentication failure.*rhost=(.*)$" {
23 index 1; // zero based
24 bucket 300;
25 };
26 };
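Review bot: Both sshd patterns in the new `messages.log` block capture the address with `rhost=(.*)`, which is greedy and unconstrained, so the value handed on for counting is whatever text sits between `rhost=` and the last ` user=` (or the end of the line) rather than something shaped like an address. Parts of that log line are chosen by the remote client, so I would constrain the capture, for example `pattern "sshd.pam_unix.*authentication failure.*rhost=([0-9.]+) +user=" {` and `rhost=([0-9.]+)$` for the second pattern, after checking both against real log lines. That assumes only IPv4 literals are expected; if hostnames can appear there, a comment should say how they are resolved before blocking. Two smaller points: the ignore entry `205.147.0.100/24` has host bits set, so it is unclear whether a /24 or a single host was meant, and `file "messages.log"` is a relative path where the old side used `/var/log/messages`, which makes the file that is read depend on the daemon's working directory.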