diff --git a/logcheck_debian b/logcheck_debian
index e79c5d6..5276edc 100644
--- a/logcheck_debian
+++ b/logcheck_debian
@@ -30,6 +30,11 @@
 #Apr 20 23:40:45 nada freshclam[302]: Downloading bytecode-294.cdiff [100%]
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: Downloading ((daily|bytecode)-[0-9]+.cdiff|main.cvd|bytecode.cvd) \[100%\] ?$
+#Nov 7 09:58:48 nada freshclam[304]: Reading CVD header (main.cvd): OK (IMS)
+#Nov 7 09:58:48 nada freshclam[304]: Reading CVD header (daily.cvd): OK
+#Nov 7 09:58:49 nada freshclam[304]: Reading CVD header (bytecode.cvd): OK
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: Reading CVD header \((main|daily|bytecode).cvd\): OK( \(IMS\))?
+
 # Mar 11 07:30:29 kvarnen freshclam[485]: nonblock_connect: connect timing out (30 secs)
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: nonblock_connect: connect timing out \(30 secs\)
@@ -95,6 +100,11 @@
 #Mar 19 06:47:45 nada clamav-milter: ClamAV: mi_stop=1
 \w{3} [ :0-9]{11} [._[:alnum:]-]+ clamav-milter: ClamAV: mi_stop=1
+#Nov 7 09:58:47 nada freshclam[304]: WARNING: DNS record is older than 3 hours.
+#Nov 7 09:58:47 nada freshclam[304]: WARNING: Invalid DNS reply. Falling back to HTTP mode.
+\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: WARNING: (DNS record is older than 3 hours.|Invalid DNS reply. Falling back to HTTP mode.)
+
+
 #
 # DOVECOT
diff --git a/logcheck_ubuntu b/logcheck_ubuntu
index 0e6835e..260dcad 100644
--- a/logcheck_ubuntu
+++ b/logcheck_ubuntu
@@ -63,6 +63,14 @@
 \w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ mosquitto\[[[:digit:]]+\]:
+#
+# MOTD
+#
+#Nov 7 10:35:56 marconi 50-motd-news[31369]: * Ubuntu 17.10 releases with Gnome, Kubernetes 1.8, and minimal
+#Nov 7 10:35:56 marconi 50-motd-news[31369]: base images
+#Nov 7 10:35:56 marconi 50-motd-news[31369]: - https://ubu.one/u1710
+\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ 50-motd-news\[[[:digit:]]+\]:
+
 #
 # NAMED
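Review bot: The new `Reading CVD header` rule in the first logcheck_debian hunk has no end anchor and leaves the dot in `.cvd` unescaped, so it ignores any freshclam line that starts this way regardless of what follows `OK`. The `Downloading` rule directly above it closes with ` ?$`. Ending the new pattern with `\((main|daily|bytecode)\.cvd\): OK( \(IMS\))?$` keeps the ignore limited to the three sampled messages.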
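Review bot: The added freshclam `WARNING:` rule in the second logcheck_debian hunk has no leading `^`, no trailing `$` and unescaped dots, so a line is dropped from the report whenever this text appears anywhere in it, including a line from another service that logs a string shaped like it. Anchoring and escaping narrows it to the two sampled messages: `^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: WARNING: (DNS record is older than 3 hours\.|Invalid DNS reply\. Falling back to HTTP mode\.)$`. The `50-motd-news` rule added to logcheck_ubuntu also lacks `^` and, because it stops at the colon, ignores every message that tag emits. Both warnings report that the DNS-based update check did not work, so it is worth confirming they should be silenced rather than left visible when they persist.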
@@ -119,7 +127,9 @@
 #Mar 9 05:42:53 marconi sshd[6125]: fatal: Unable to negotiate with 84.241.42.101 port 61319: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman#Sep 9 10:56:11 marconi sshd[2798]: fatal: Unable to negotiate with 54.156.158.234 port 41078: no matching host key type found. Their offer: ecdsa-sha2-nistp384 [preauth]
 #Sep 9 10:56:12 marconi sshd[2802]: fatal: Unable to negotiate with 54.156.158.234 port 41330: no matching host key type found. Their offer: ecdsa-sha2-nistp521 [preauth]
 #Sep 9 10:56:14 marconi sshd[2816]: fatal: Unable to negotiate with 54.156.158.234 port 42036: no matching host key type found. Their offer: ssh-dss [preauth]-group-exchange-sha1 [preauth]
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Unable to negotiate with [.:[:digit:]]+ port [.:[:digit:]]+: no matching (host key type|key exchange method) found. Their offer: [-,[:alnum:]]+ \[preauth\]
+#Nov 7 10:50:46 marconi sshd[3881]: Unable to negotiate with 173.255.227.186 port 51816: no matching host key type found. Their offer: ssh-dss [preauth]
+OA
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]:( fatal:)? Unable to negotiate with [.:[:digit:]]+ port [.:[:digit:]]+: no matching (host key type|key exchange method) found. Their offer: [-,[:alnum:]]+ \[preauth\]
 #Mar 2 20:51:23 marconi sshd[8330]: error: maximum authentication attempts exceeded for invalid user admin from 182.45.153.221 port 54407 ssh2 [preauth]
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: maximum authentication attempts exceeded for invalid user [[:alnum:]]+ from [.:[:digit:]]+ port [.:[:digit:]]+ ssh2 \[preauth\]
diff --git a/testlog b/testlog
index 4a0c978..0a98b84 100644
--- a/testlog
+++ b/testlog
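Review bot: A stray line `OA` is added between the new sample comment and the rewritten `Unable to negotiate` rule in the logcheck_ubuntu sshd hunk. It is not commented out, so it is read as a pattern of its own, and as it appears here it would make logcheck ignore every log line containing the letters `OA`. It looks like a leftover keystroke, possibly a cursor-key escape sequence whose control character is not visible on this page. The line should be deleted so that only the intended `( fatal:)?` rule is added.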
@@ -607,6 +607,15 @@ Nov 2 11:55:16 marconi sshd[496]: Connection closed by authenticating user root
 Nov 2 13:11:27 marconi sshd[31688]: Disconnecting invalid user admin 114.97.151.158 port 40382: Too many authentication failures [preauth]
 Nov 2 13:26:23 marconi sshd[4249]: Disconnected from user fredrik 66.23.226.92 port 38190
 Nov 2 13:28:15 marconi sshd[5020]: Disconnected from user fredrik 66.23.226.92 port 39248
+Nov 7 09:58:47 nada freshclam[304]: WARNING: DNS record is older than 3 hours.
+Nov 7 09:58:47 nada freshclam[304]: WARNING: Invalid DNS reply. Falling back to HTTP mode.
+Nov 7 09:58:48 nada freshclam[304]: Reading CVD header (main.cvd): OK (IMS)
+Nov 7 09:58:48 nada freshclam[304]: Reading CVD header (daily.cvd): OK
+Nov 7 09:58:49 nada freshclam[304]: Reading CVD header (bytecode.cvd): OK
+Nov 7 10:35:56 marconi 50-motd-news[31369]: * Ubuntu 17.10 releases with Gnome, Kubernetes 1.8, and minimal
+Nov 7 10:35:56 marconi 50-motd-news[31369]: base images
+Nov 7 10:35:56 marconi 50-motd-news[31369]: - https://ubu.one/u1710
+Nov 7 10:50:46 marconi sshd[3881]: Unable to negotiate with 173.255.227.186 port 51816: no matching host key type found. Their offer: ssh-dss [preauth]
 Aug 23 18:39:24 nada fredrik[1713]: Kontrollrad. Syns detta har vi problem...