Add customized logsentry configuration
This commit is contained in:
parent
389f1a8eae
commit
6782746f3c
81
roles/logsentry/files/logsentry.ignore
Normal file
81
roles/logsentry/files/logsentry.ignore
Normal file
|
@ -0,0 +1,81 @@
|
|||
authsrv.*AUTHENTICATE
|
||||
cron.*CMD
|
||||
cron.*RELOAD
|
||||
cron.*STARTUP
|
||||
ftp-gw.*: exit host
|
||||
ftp-gw.*: permit host
|
||||
ftpd.*ANONYMOUS FTP LOGIN
|
||||
ftpd.*FTP LOGIN FROM
|
||||
ftpd.*retrieved
|
||||
ftpd.*stored
|
||||
http-gw.*: exit host
|
||||
http-gw.*: permit host
|
||||
mail.local
|
||||
named.*Lame delegation
|
||||
named.*Response from
|
||||
named.*answer queries
|
||||
named.*points to a CNAME
|
||||
named.*reloading
|
||||
named.*starting
|
||||
netacl.*: exit host
|
||||
netacl.*: permit host
|
||||
popper.*Unable
|
||||
popper: -ERR POP server at
|
||||
popper: -ERR Unknown command: "uidl".
|
||||
qmail.*new msg
|
||||
qmail.*info msg
|
||||
qmail.*starting delivery
|
||||
qmail.*delivery
|
||||
qmail.*end msg
|
||||
rlogin-gw.*: exit host
|
||||
rlogin-gw.*: permit host
|
||||
sendmail.*User Unknown
|
||||
sendmail.*alias database.*rebuilt
|
||||
sendmail.*aliases.*longest
|
||||
sendmail.*from=
|
||||
sendmail.*lost input channel
|
||||
sendmail.*message-id=
|
||||
sendmail.*putoutmsg
|
||||
sendmail.*return to sender
|
||||
sendmail.*stat=
|
||||
sendmail.*timeout waiting
|
||||
smap.*host=
|
||||
smapd.*daemon running
|
||||
smapd.*delivered
|
||||
telnetd.*ttloop: peer died
|
||||
tn-gw.*: exit host
|
||||
tn-gw.*: permit host
|
||||
x-gw.*: exit host
|
||||
x-gw.*: permit host
|
||||
xntpd.*Previous time adjustment didn't complete
|
||||
xntpd.*time reset
|
||||
ansible-command: Invoked
|
||||
ansible-file: Invoked
|
||||
ansible-setup: Invoked
|
||||
ansible-stat: Invoked
|
||||
ansible-synchronize: Invoked
|
||||
doas: _collectd ran command /bin/cat /var/log/daemon as root from /var/collectd
|
||||
doas: _nrpe ran command /usr/local/libexec/nagios
|
||||
doas:.*ran command /usr/share/scripts/evomaintenance.sh as root from
|
||||
newsyslog.*logfile turned over
|
||||
nrpe.*: Could not read request from client, bailing out...
|
||||
nrpe.*: Error: Could not complete SSL handshake.
|
||||
nrpe.*: INFO: SSL Socket Shutdown.
|
||||
ntpd.*: adjusting clock frequency by
|
||||
smtpd.*mta connected
|
||||
smtpd.*mta connecting address=smtp://
|
||||
smtpd.*mta delivery evpid=
|
||||
smtpd.*mta disconnected reason=quit messages=
|
||||
smtpd.*mta server-cert-check result=
|
||||
smtpd.*mta tls ciphers=
|
||||
smtpd.*smtp connected address=127.0.0.1 host=localhost
|
||||
smtpd.*smtp connected address=local
|
||||
smtpd.*smtp disconnected reason=quit
|
||||
smtpd.*smtp envelope evpid=
|
||||
smtpd.*smtp message msgid=
|
||||
sshd.*Connection closed by 127.0.0.1 port
|
||||
sshd.*Connection reset by 127.0.0.1 port
|
||||
sudo:.*: a password is required ; TTY=.* ; PWD=/home/.* ; USER=root ; COMMAND=
|
||||
sudo:.*: TTY=.* ; PWD=/home/.* ; USER=root ; COMMAND=
|
||||
syslogd.*restart
|
||||
unbound:.*info:
|
7
roles/logsentry/files/logsentry.violations.ignore
Normal file
7
roles/logsentry/files/logsentry.violations.ignore
Normal file
|
@ -0,0 +1,7 @@
|
|||
stat=Deferred
|
||||
unbound:.*info: server stats for
|
||||
smtpd.*smtp connected address=127.0.0.1 host=localhost
|
||||
smtpd.*smtp connected address=local
|
||||
smtpd.*smtp disconnected reason=quit
|
||||
nrpe.*: INFO: SSL Socket Shutdown.
|
||||
collectd.*: exec plugin: Failed to execute
|
Loading…
Reference in a new issue