Further refine the auth fail regex to catch more auth failures and
reduce false positives. The committed patch was provided by Christian Marg. PR: 91732 Submitted by: Daniel O'Connor <doconnor at gsoft.com.au> Skye Poier <spoier at gmail.com> Alan Amesbury <amesbury at umn.edu> Christian Marg <marg at rz.tu-clausthal.de> MFC after: 1 month
This commit is contained in:
parent
3dfc829bda
commit
8e2617b93f
@ -64,7 +64,7 @@ if check_yesno_period security_status_loginfail_enable
|
|||||||
then
|
then
|
||||||
echo ""
|
echo ""
|
||||||
echo "${host} login failures:"
|
echo "${host} login failures:"
|
||||||
n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
|
n=$(catmsgs | egrep -ia "^$yesterday.*: .*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
|
||||||
tee /dev/stderr | wc -l)
|
tee /dev/stderr | wc -l)
|
||||||
[ $n -gt 0 ] && rc=1 || rc=0
|
[ $n -gt 0 ] && rc=1 || rc=0
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user