Re: logcheck driving me nuts
Not an answer to your question...
Can I get a copy of the script you use to block brute force attempts?
Pim Bliek wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Logcheck is driving me NUTS. I'm not a regular expression guru so
here's my problem:
Every hour I run a script to kick out ssh brute force script kiddies.
This generates the following in syslog:
Apr 2 17:01:01 zenggi2 /USR/SBIN/CRON: (root) CMD (ruby
Every hour logcheck likes to send me an email with only this line. So
I went to /etc/logcheck/ignore.d.server/cron and put this in:
Which does not work.
Can someone please help me with a regexp that just works? I am not
such a whizard with the logcheck regexp format..
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
-----END PGP SIGNATURE-----
--To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.orgwith a
subject of "unsubscribe". Trouble? Contact email@example.com