Add customized logsentry configuration
This commit is contained in:
parent
389f1a8eae
commit
6782746f3c
81
roles/logsentry/files/logsentry.ignore
Normal file
81
roles/logsentry/files/logsentry.ignore
Normal file
|
@ -0,0 +1,81 @@
|
||||||
|
authsrv.*AUTHENTICATE
|
||||||
|
cron.*CMD
|
||||||
|
cron.*RELOAD
|
||||||
|
cron.*STARTUP
|
||||||
|
ftp-gw.*: exit host
|
||||||
|
ftp-gw.*: permit host
|
||||||
|
ftpd.*ANONYMOUS FTP LOGIN
|
||||||
|
ftpd.*FTP LOGIN FROM
|
||||||
|
ftpd.*retrieved
|
||||||
|
ftpd.*stored
|
||||||
|
http-gw.*: exit host
|
||||||
|
http-gw.*: permit host
|
||||||
|
mail.local
|
||||||
|
named.*Lame delegation
|
||||||
|
named.*Response from
|
||||||
|
named.*answer queries
|
||||||
|
named.*points to a CNAME
|
||||||
|
named.*reloading
|
||||||
|
named.*starting
|
||||||
|
netacl.*: exit host
|
||||||
|
netacl.*: permit host
|
||||||
|
popper.*Unable
|
||||||
|
popper: -ERR POP server at
|
||||||
|
popper: -ERR Unknown command: "uidl".
|
||||||
|
qmail.*new msg
|
||||||
|
qmail.*info msg
|
||||||
|
qmail.*starting delivery
|
||||||
|
qmail.*delivery
|
||||||
|
qmail.*end msg
|
||||||
|
rlogin-gw.*: exit host
|
||||||
|
rlogin-gw.*: permit host
|
||||||
|
sendmail.*User Unknown
|
||||||
|
sendmail.*alias database.*rebuilt
|
||||||
|
sendmail.*aliases.*longest
|
||||||
|
sendmail.*from=
|
||||||
|
sendmail.*lost input channel
|
||||||
|
sendmail.*message-id=
|
||||||
|
sendmail.*putoutmsg
|
||||||
|
sendmail.*return to sender
|
||||||
|
sendmail.*stat=
|
||||||
|
sendmail.*timeout waiting
|
||||||
|
smap.*host=
|
||||||
|
smapd.*daemon running
|
||||||
|
smapd.*delivered
|
||||||
|
telnetd.*ttloop: peer died
|
||||||
|
tn-gw.*: exit host
|
||||||
|
tn-gw.*: permit host
|
||||||
|
x-gw.*: exit host
|
||||||
|
x-gw.*: permit host
|
||||||
|
xntpd.*Previous time adjustment didn't complete
|
||||||
|
xntpd.*time reset
|
||||||
|
ansible-command: Invoked
|
||||||
|
ansible-file: Invoked
|
||||||
|
ansible-setup: Invoked
|
||||||
|
ansible-stat: Invoked
|
||||||
|
ansible-synchronize: Invoked
|
||||||
|
doas: _collectd ran command /bin/cat /var/log/daemon as root from /var/collectd
|
||||||
|
doas: _nrpe ran command /usr/local/libexec/nagios
|
||||||
|
doas:.*ran command /usr/share/scripts/evomaintenance.sh as root from
|
||||||
|
newsyslog.*logfile turned over
|
||||||
|
nrpe.*: Could not read request from client, bailing out...
|
||||||
|
nrpe.*: Error: Could not complete SSL handshake.
|
||||||
|
nrpe.*: INFO: SSL Socket Shutdown.
|
||||||
|
ntpd.*: adjusting clock frequency by
|
||||||
|
smtpd.*mta connected
|
||||||
|
smtpd.*mta connecting address=smtp://
|
||||||
|
smtpd.*mta delivery evpid=
|
||||||
|
smtpd.*mta disconnected reason=quit messages=
|
||||||
|
smtpd.*mta server-cert-check result=
|
||||||
|
smtpd.*mta tls ciphers=
|
||||||
|
smtpd.*smtp connected address=127.0.0.1 host=localhost
|
||||||
|
smtpd.*smtp connected address=local
|
||||||
|
smtpd.*smtp disconnected reason=quit
|
||||||
|
smtpd.*smtp envelope evpid=
|
||||||
|
smtpd.*smtp message msgid=
|
||||||
|
sshd.*Connection closed by 127.0.0.1 port
|
||||||
|
sshd.*Connection reset by 127.0.0.1 port
|
||||||
|
sudo:.*: a password is required ; TTY=.* ; PWD=/home/.* ; USER=root ; COMMAND=
|
||||||
|
sudo:.*: TTY=.* ; PWD=/home/.* ; USER=root ; COMMAND=
|
||||||
|
syslogd.*restart
|
||||||
|
unbound:.*info:
|
7
roles/logsentry/files/logsentry.violations.ignore
Normal file
7
roles/logsentry/files/logsentry.violations.ignore
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
stat=Deferred
|
||||||
|
unbound:.*info: server stats for
|
||||||
|
smtpd.*smtp connected address=127.0.0.1 host=localhost
|
||||||
|
smtpd.*smtp connected address=local
|
||||||
|
smtpd.*smtp disconnected reason=quit
|
||||||
|
nrpe.*: INFO: SSL Socket Shutdown.
|
||||||
|
collectd.*: exec plugin: Failed to execute
|
Loading…
Reference in a new issue