[syslog-ng] patterndb and intrusion prevention

Florian Schaal mailinglist at schaal-24.de
Wed Jul 31 10:30:16 CEST 2013

Am 31.07.2013 00:00, schrieb Matt Zagrabelny:

> # cat /var/log/syslogblock
> 2013-07-30 16:26:42 Failed password for invalid user doug from
> port 37867 ssh2 +

>         template("+${usracct.device}\n")

Are you sure that usracct.device contains only the IP?

I use syslog-ng with xt_recent without any problems:

regards Florian

More information about the syslog-ng mailing list