# HG changeset patch # User Tero Marttila # Date 1265398705 -7200 # Node ID b801f653f7d44dc079cdc11920177e435259ff91 # Parent 5f720d719d01ea71daeb9eca23431651cb4f3e17 more filter fixes/updates diff -r 5f720d719d01 -r b801f653f7d4 fixbot/logwatch/filters.py --- a/fixbot/logwatch/filters.py Fri Feb 05 21:35:55 2010 +0200 +++ b/fixbot/logwatch/filters.py Fri Feb 05 21:38:25 2010 +0200 @@ -165,32 +165,29 @@ # match sudo invocations, reformatting them nicely sudo = SyslogFilter('sudo', program = "sudo", - pattern = "^\s*(?P\S+) : TTY=(?P\S+) ; PWD=(?P.+?) ; USER=(?P\S+) ; COMMAND=(?P.*)", + pattern = r"^\s*(?P\S+) : TTY=(?P\S+) ; PWD=(?P.+?) ; USER=(?P\S+) ; COMMAND=(?P.*)", format = "%(username)s:%(tty)s - %(target_user)s@%(hostname)s:%(pwd)s - %(command)r", ) # match accepted ssh logins ssh = SyslogFilter('ssh', program = "sshd", - pattern = "^\s*Accepted password for (?P\S+) from (?P\S+) port (?P\S+) (?P\S+)", + pattern = r"^\s*Accepted password for (?P\S+) from (?P\S+) port (?P\S+) (?P\S+)", format = "SSH login for %(username)s@%(hostname)s from %(ip)s:%(port)s", ) # drops all output from cron -# XXX: what about su? +# XXX: what about the same from su? cron_killer = SyslogFilter('all', program = "cron", drop = True, ) -#cron_killer = NullFilter( -# "^" + _timestamp + " \S+\s+(CRON|su)\[\d+\]: pam_unix\(cron:\w+\): session (opened|closed) for user \w+( by \(uid=\d+\))?$", -# re.IGNORECASE -#) - # drops `su nobody` output (from cron) -su_nobody_killer = NullFilter( - "^" + _timestamp + " \S+\s+su\[\d+\]: (Successful su for nobody by root|\+ \?\?\? root:nobody)$", - re.IGNORECASE +su_nobody_killer = SyslogFilter('all', + program = "su", + pattern = r"^(Successful su for nobody by root|\+ \?\?\? root:nobody)$", + re_flags = re.IGNORECASE, + drop = True )