improve regex (anchored from left, no catch-alls, `<ADDR>` for IP, etc)

2025-04-01 17:28:58 +02:00 · 2025-04-01 17:28:58 +02:00 · 6104444bb4
parent cf9135983c
commit 6104444bb4
1 changed files with 1 additions and 1 deletions
--- a/config/filter.d/vaultwarden.conf
+++ b/config/filter.d/vaultwarden.conf
@ -4,5 +4,5 @@
 [Definition]
-failregex = \[vaultwarden::api::(identity||admin||core::two_factor::authenticator)\]\[ERROR\] (Invalid admin token||Invalid TOTP code||Username or password is incorrect)(.*) IP: <HOST>(?:\. Username: <F-USER>.+</F-USER>\.)?$
+failregex = ^\s*(?:\[\]\s*)?\[vaultwarden::api::(identity||admin||core::two_factor::authenticator)\]\[ERROR\] (Invalid admin token||Invalid TOTP code||Username or password is incorrect)[\.!](?:\s+(?!IP:)\S+)* IP: <ADDR>(?:\. Username: <F-USER>\S+</F-USER>)?
 ignoreregex =