From e7b7815de33446a8705dac69326bb167fcd302ec Mon Sep 17 00:00:00 2001 From: Steven Hiscocks Date: Sun, 21 Jul 2013 15:22:44 +0100 Subject: [PATCH] TST: Add additional sshd sample logs --- testcases/files/logs/sshd | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/testcases/files/logs/sshd b/testcases/files/logs/sshd index ff97c5a5..75854774 100644 --- a/testcases/files/logs/sshd +++ b/testcases/files/logs/sshd @@ -77,3 +77,11 @@ Apr 29 18:53:38 Jamess-iMac.local sshd[47831]: error: PAM: authentication error #11 https://github.com/fail2ban/fail2ban/issues/267 There might be no colon after [daemon] # failJSON: { "time": "2005-06-25T23:53:34", "match": true , "host": "1.2.3.4" } Jun 25 23:53:34 [sshd] User root from 1.2.3.4 not allowed because not listed in AllowUsers +# failJSON: { "time": "2004-12-12T20:04:39", "match": true , "host": "10.215.4.227" } +Dec 12 20:04:39 aragorn sshd[1328]: error: PAM: User not known to the underlying authentication module for illegal user kernelitshell from 10.215.4.227 +# failJSON: { "time": "2005-03-26T04:56:27", "match": true , "host": "example.com" } +Mar 26 04:56:27 angel sshd[9739]: User allena from example.com not allowed because not in any group +# failJSON: { "time": "2005-02-07T16:01:07", "match": true , "host": "192.51.100.54" } +Feb 7 16:01:07 linux-m899 sshd[5106]: User root from 192.51.100.54 not allowed because a group is listed in DenyGroups +# failJSON: { "time": "2005-01-05T11:15:05", "match": true , "host": "10.0.0.40" } +Jan 5 11:15:05 NAS sshd[1966]: User root from 10.0.0.40 not allowed because none of user's groups are listed in AllowGroups