syslog.conf: better [ssh]
authorTero Marttila <terom@paivola.fi>
Fri, 11 Jan 2013 22:04:28 +0200
changeset 85 d1c2dfc1a875
parent 84 e5f36ec2e8d2
child 86 5bd98d185c48
syslog.conf: better [ssh]
etc/syslog.conf
--- a/etc/syslog.conf	Fri Jan 11 22:04:11 2013 +0200
+++ b/etc/syslog.conf	Fri Jan 11 22:04:28 2013 +0200
@@ -1,4 +1,4 @@
-#irk     = irc://irc-test/test
+irk     = irc://syslog@irc-test/test
 
 # TODO: implements meta-attrs across rule tree to classify hosts?
 #[tag]
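Review bot: Uncommenting `irk` on the first line of this hunk turns on delivery to `irc://syslog@irc-test/test`, and together with rules such as `[[ssh]]` that presumably means usernames, hostnames and source IPs of successful logins are posted to that channel over what looks like unencrypted IRC. A comment above the key should say who is expected to read the channel, e.g. `# login events (user, host, source IP) are posted here; keep the channel restricted to admins`. How `irk` is consumed is not visible in this hunk, so this is inferred from the URL scheme and the rule formats further down.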
@@ -40,8 +40,8 @@
     # TODO: pubkey, failures?
     [[ssh]]
     program     = sshd
-    pattern     = Accepted password for (?P<user>\S+) from (?P<ip>\S+) port (?P<port>\S+) (?P<proto>\S+)
-    format      = SSH login for {user}@{host} from {ip}
+    pattern     = Accepted (?P<auth>.+?) for (?P<user>\S+) from (?P<ip>\S+) port (?P<port>\S+) (?P<proto>\S+)
+    format      = SSH {auth} login for {user}@{host} from {ip}
 
     [[cron]]
     program     = cron
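Review bot: The new `(?P<auth>.+?)` group on the `pattern` line is looser than it needs to be. sshd's authentication method names (`password`, `publickey`, `keyboard-interactive/pam`) contain no whitespace, so `(?P<auth>\S+)` would hold the capture to a single token like the other groups. Since the captured fields are interpolated into `format` and presumably forwarded, tight token classes also limit what log text can reach the notification. The `# TODO: pubkey, failures?` comment is now half done and could become `# TODO: failures?`, because failed logins are still not matched by this rule. The section that contains `[[ssh]]` starts outside the hunk.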