|
|
@@ -1,4 +1,4 @@
|
|
|
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [-:\.[:alnum:]]+: [[:digit:]]+: (([\.[:alnum:]]+: Auth fail|ok|Goodbye|Bye|Unable to connect using the available authentication methods|) \[preauth\]|disconnected by user|Normal Shutdown, Thank you for playing \[preauth\]|.*: reject HostKey: [-:\.[:alnum:]]+ \[preauth\]|disconnect \[preauth\])$
|
|
|
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: (error: )?Received disconnect from [-:\.[:alnum:]]+: [[:digit:]]+: (([\.[:alnum:]]+: Auth fail|ok|Goodbye|Bye|Unable to connect using the available authentication methods|) \[preauth\]|disconnected by user|Normal Shutdown, Thank you for playing \[preauth\]|.*: reject HostKey: [-:\.[:alnum:]]+ \[preauth\]|disconnect \[preauth\]|.*: Read timed out \[preauth\])$
|
|
|
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: subsystem request for sftp by user .+$
|
|
|
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Accepted publickey for [-:\.[:alnum:]]+ from [-:\.[:alnum:]]+ port [[:digit:]]+ ssh2(|: [RD]SA [:0-9a-f]+)$
|
|
|
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: (Read from socket|Write) failed: Connection reset by peer( \[preauth\]|)$
|
|
|
@@ -9,3 +9,4 @@
|
|
|
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: no matching cipher found: client .+ server .+ \[preauth\]$
|
|
|
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd: .+: Unable to find key in LDAP for uid '\w+'$
|
|
|
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd: .+: ssh key successfully retrieved for uid '\w+'$
|
|
|
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed publickey for .+ from [-:\.[:alnum:]]+ port [[:digit:]]+ ssh2 \[preauth\]$
|
