68 lines
3.4 KiB
Plaintext
68 lines
3.4 KiB
Plaintext
###############################################################################
|
|
# Copyright 2006-2017, Way to the Web Limited
|
|
# URL: http://www.configserver.com
|
|
# Email: sales@waytotheweb.com
|
|
###############################################################################
|
|
# The following is a list of regular expressions for the LOGSCANNER feature.
|
|
# If a log line matches it will be ignored, otherwise it will be reported
|
|
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ kernel:\s(\[[^\]]+\]\s)?Firewall:
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ suhosin\[\d+\]: ALERT - script tried to increase memory_limit
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view internal
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view external
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client .* view localhost_resolver
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: connection refused resolving
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: lame server resolving
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: network unreachable resolving
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: unexpected RCODE
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: zone .* loaded serial
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: zone .* sending notifies
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: FORMERR resolving
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: checkhints: view localhost_resolver:
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(unexpected RCODE REFUSED\)
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(unexpected RCODE SERVFAIL\)
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(host unreachable\)
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(network unreachable\)
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(connection refused \) resolving
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: error \(FORMERR\) resolving
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ pure-ftpd: \([\w\?\@\+\%\.]+\@\d+\.\d+\.\d+\.\d+\) \[(INFO|NOTICE)\]
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ Cp-Wrap\[\d+\]:
|
|
^\[\S+\s\S+\s\S+\] info
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ gconfd
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Started Session
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Starting Session
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Failed to mark scope
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd-logind: New session
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd-logind: Removed session
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Created slice
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Removed slice user
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Starting user
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Stopping user
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Reloading
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Starting User Slice
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Stopping User Slice
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Removed slice User
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ nscd: \d+\ monitor
|
|
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ dbus-daemon: dbus\[\d+\]: \[system\] Activating via systemd
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ dbus-daemon: dbus\[\d+\]: \[system\] Successfully activated
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ dbus\[\d+\]: \[system\] Activating via systemd
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ dbus\[\d+\]: \[system\] Successfully activated
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Starting Time
|
|
^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ systemd: Started Time
|
|
|
|
==> cpsrvd \S+ started
|
|
==> cpsrvd: loading security policy....Done
|
|
==> cpsrvd: Setting up SSL support ... Done
|
|
==> cpsrvd: transferred port bindings
|
|
==> cpsrvd: bound to ports
|