Further refine the auth fail regex to catch more auth failures and
reduce false positives. The committed patch was provided by Christian Marg. PR: 91732 Submitted by: Daniel O'Connor <doconnor at gsoft.com.au> Skye Poier <spoier at gmail.com> Alan Amesbury <amesbury at umn.edu> Christian Marg <marg at rz.tu-clausthal.de> MFC after: 1 month
This commit is contained in:
parent
3dfc829bda
commit
8e2617b93f
@ -64,7 +64,7 @@ if check_yesno_period security_status_loginfail_enable
|
||||
then
|
||||
echo ""
|
||||
echo "${host} login failures:"
|
||||
n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
|
||||
n=$(catmsgs | egrep -ia "^$yesterday.*: .*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
|
||||
tee /dev/stderr | wc -l)
|
||||
[ $n -gt 0 ] && rc=1 || rc=0
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user