[syslog-ng] pure-ftpd patterns
Balazs Scheidler
bazsi at balabit.hu
Thu Sep 30 17:22:26 CEST 2010
Hi,
Could you please format your submissions as git patches?
Also, could you please add appropriate "Signed-of-by" lines that git
generates automatically? This way we can track the copyright trail.
Thanks.
On Thu, 2010-09-30 at 16:43 +0200, Peter Czanik wrote:
> Hello,
>
> Attached are the pure-ftpd login/logout/failure patterns and the sample
> file I used. Some notes:
> - logouts, where username is "?" are not tagged, as these just mark that
> a TCP/IP connection is teared down
> - PAM messages are not tagged, as that would create duplicate messages
> about the same event. The variable part of them is simply discarded with
> an @ANYSTRING@
> - anonymous login/logout events are tagged, username is set to
> "anonymous" from "ftp"
>
> You can check the attached pure-ftpd.pdb with the following command:
>
> cat pure-ftpd.samples | grep -v CzP | pdbtool match -p pure-ftpd.pdb -f -
>
> CzP lines are comments...
>
> Please check it on your own pure-ftpd logs to see, if I missed anything!
> Thanks!
>
> Bye,
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
--
Bazsi
More information about the syslog-ng
mailing list