Mercurial > syslog2iptables
view remote.mbmg @ 20:0d65c3de34fd
add better logging
author | carl |
---|---|
date | Sun, 08 Jan 2006 12:36:57 -0800 |
parents | 5dfe0138b4f9 |
children |
line wrap: on
line source
threshold 550; ignore { 127.0.0.0/8; // localhost 205.147.40.32/26; // 510sg 205.147.0.100/24; // digilink 205.147.39.128/25; // ams 205.147.48.64/26; // mbmg }; file "/var/log/cisco-firewall" { pattern "Inbound_Firewall denied (tcp|udp) ([^(]*)" { index 2; // zero based bucket 200; }; }; file "/var/log/secure" { pattern "sshd.*Failed password .* from ::ffff:(.*) port" { index 1; // zero based bucket 400; }; pattern "sshd.*Failed password .* from (.*) port" { index 1; // zero based bucket 400; }; }; // file "/var/log/messages" { // pattern "sshd.pam_unix.*authentication failure.*rhost=(.*) user=" { // index 1; // zero based // bucket 300; // }; // pattern "sshd.pam_unix.*authentication failure.*rhost=(.*)$" { // index 1; // zero based // bucket 300; // }; // };