2016-07-08 01:50:57 +00:00
|
|
|
# slapd (Stand-alone LDAP Daemon) openldap daemon filter
|
|
|
|
#
|
|
|
|
# Detecting invalid credentials: error code 49
|
|
|
|
# http://www.openldap.org/doc/admin24/appendix-ldap-result-codes.html#invalidCredentials (49)
|
|
|
|
|
2016-07-08 02:29:51 +00:00
|
|
|
[INCLUDES]
|
|
|
|
|
|
|
|
# Read common prefixes. If any customizations available -- read them from
|
|
|
|
# common.local
|
|
|
|
before = common.conf
|
|
|
|
|
2016-07-08 01:50:57 +00:00
|
|
|
[Definition]
|
|
|
|
|
2016-07-08 02:29:51 +00:00
|
|
|
_daemon = slapd
|
|
|
|
|
2016-07-14 07:19:21 +00:00
|
|
|
failregex = ^(?P<__prefix>%(__prefix_line)s)conn=(?P<_conn_>\d+) fd=\d+ ACCEPT from IP=<HOST>:\d{1,5} \(IP=\S+\)\s*<SKIPLINES>(?P=__prefix)conn=(?P=_conn_) op=\d+ RESULT(?:\s(?!err)\S+=\S*)* err=49 text=[\w\s]*$
|
2016-07-08 01:50:57 +00:00
|
|
|
|
|
|
|
ignoreregex =
|
|
|
|
|
|
|
|
[Init]
|
|
|
|
|
|
|
|
# "maxlines" is number of log lines to buffer for multi-line regex searches
|
|
|
|
maxlines = 20
|
|
|
|
|
|
|
|
# Author: Andrii Melnyk
|