From b82ea2077ed3db097bb429e1ea88af37cea90669 Mon Sep 17 00:00:00 2001 From: Fredrik Wahlberg Date: Thu, 13 Oct 2016 12:40:51 +0200 Subject: [PATCH] =?UTF-8?q?Systemd=20b=C3=B6rjar=20ocks=C3=A5=20sp=C3=B6ka?= =?UTF-8?q?=20efter=20en=20uppdatering?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- logcheck_ignore | 12 +++++++++++- testlog | 4 +++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/logcheck_ignore b/logcheck_ignore index 2ecbf8f..af4fefb 100644 --- a/logcheck_ignore +++ b/logcheck_ignore @@ -432,4 +432,14 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ suhosin\[[[:digit:]]+\]: ALERT - configured (GET|request) variable (value|name) length limit exceeded - dropped variable #Apr 19 21:14:31 nada suhosin[28060]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'file' (attacker '62.210.203.159', file '/home/happysthlm/www.happysthlm.se/index.php') -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ suhosin\[[[:digit:]]+\]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'file' \(attacker '[.[:digit:]]+', file '.*'\) \ No newline at end of file +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ suhosin\[[[:digit:]]+\]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'file' \(attacker '[.[:digit:]]+', file '.*'\) + + + +# +# Systemd +# + +#Oct 13 08:31:17 kvarnen systemd[1]: Starting Cleanup of Temporary Directories... +#Oct 13 08:31:17 kvarnen systemd[1]: Started Cleanup of Temporary Directories. +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[1\]: (Started|Starting) Cleanup of Temporary Directories.{1,3} \ No newline at end of file diff --git a/testlog b/testlog index c0c16fd..adee018 100644 --- a/testlog +++ b/testlog @@ -214,4 +214,6 @@ Jun 25 17:26:26 nada sshd[7935]: input_userauth_request: invalid user user\\r [p Aug 16 19:28:06 nada sshd[12135]: Postponed keyboard-interactive/pam for invalid user admin from 75.149.180.141 port 65264 ssh2 [preauth] Aug 16 21:57:30 nada sshd[26976]: Postponed keyboard-interactive/pam for invalid user support from 103.207.36.244 port 59302 ssh2 [preauth] Aug 17 10:52:11 nada sshd[24804]: Received disconnect from 89.97.55.33: 11: disconnected by user [preauth] -Aug 23 06:06:16 nada suhosin[4003]: ALERT - configured GET variable value length limit exceeded - dropped variable 'page' (attacker '216.172.189.152', file '/home/fredrik/www.wahlis.com/dnsupdate/man.php') \ No newline at end of file +Aug 23 06:06:16 nada suhosin[4003]: ALERT - configured GET variable value length limit exceeded - dropped variable 'page' (attacker '216.172.189.152', file '/home/fredrik/www.wahlis.com/dnsupdate/man.php') +Oct 13 08:31:17 kvarnen systemd[1]: Starting Cleanup of Temporary Directories... +Oct 13 08:31:17 kvarnen systemd[1]: Started Cleanup of Temporary Directories.