| .. |
|
ignorecommands
|
filter.d/ignorecommands/apache-fakegooglebot: added timeout parameter (default 55 seconds) - avoid fail with timeout (default 1 minute) by reverse lookup on some slow DNS services (googlebots must be resolved fast);
|
2021-03-02 19:35:27 +01:00 |
|
3proxy.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
|
apache-auth.conf
|
[DATALAD RUNCMD] run codespell throughout fixing typo automagically
|
2023-11-18 10:04:04 -05:00 |
|
apache-badbots.conf
|
Merge remote-tracking branch 'upstream/master' into 0.10
|
2017-09-08 11:11:05 +02:00 |
|
apache-botsearch.conf
|
Merge branch 'master' into 0.10
|
2017-10-18 19:00:23 +02:00 |
|
apache-common.conf
|
filter.d/apache-common.conf: remote besides client, gh-3622
|
2024-03-15 22:36:40 +01:00 |
|
apache-fakegooglebot.conf
|
filter.d/apache-fakegooglebot.conf: better, more precise regex and datepattern (closes possible weakness like #3013)
|
2021-05-11 13:47:48 +02:00 |
|
apache-modsecurity.conf
|
New upstream version 0.11.1
|
2020-01-12 23:22:54 +01:00 |
|
apache-nohome.conf
|
…
|
|
|
apache-noscript.conf
|
filter.d/apache-noscript.conf: extended to match "script not found" with error AH02811 (and cgi-bin path segment in script)
|
2020-11-23 17:25:41 +01:00 |
|
apache-overflows.conf
|
filter.d/apache-overflows.conf: extended to match AH00126 error (Invalid URI ...);
|
2021-01-11 15:10:53 +01:00 |
|
apache-pass.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
|
apache-shellshock.conf
|
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
|
2017-12-01 15:53:11 +01:00 |
|
assp.conf
|
Merge branch '0.9-fix-regex-using-journal' into 0.10-fix-regex-using-journal (merge point against 0.9 after back-porting gh-1660 from 0.10)
|
2017-01-10 11:25:41 +01:00 |
|
asterisk.conf
|
Add transport to asterisk RE
|
2021-01-31 15:22:16 +01:00 |
|
bitwarden.conf
|
review and small tweaks (more precise and safe RE)
|
2020-11-09 13:43:59 +01:00 |
|
botsearch-common.conf
|
Update botsearch-common.conf (#1759)
|
2017-04-26 20:14:39 +02:00 |
|
centreon.conf
|
New upstream version 0.11.1
|
2020-01-12 23:22:54 +01:00 |
|
common.conf
|
common.conf: fixed typo in comment (rfc5424 for logtype)
|
2022-05-12 18:09:09 +02:00 |
|
counter-strike.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
|
courier-auth.conf
|
filter.d/courier-auth.conf: consider optional port after IP, regex is rewritten without catch-all's and right anchor, so it is more stable against further modifications now;
|
2022-02-09 12:18:23 +01:00 |
|
courier-smtp.conf
|
filter.d/courier-smtp.conf: prefregex extended to consider port in log-message (closes gh-2697)
|
2020-04-21 13:32:17 +02:00 |
|
cyrus-imap.conf
|
filter.d/cyrus-imap.conf: fixed `failregex` - accept entries without login-info resp. hostname before IP address
|
2017-03-09 16:13:45 +01:00 |
|
dante.conf
|
IPv6 fix (second IP logged in form for IPv6); pam authentication failure (part of gh-3410)
|
2023-12-30 15:10:37 +01:00 |
|
directadmin.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
|
domino-smtp.conf
|
filter.d/domino-smtp.conf:
|
2018-09-21 14:14:00 +02:00 |
|
dovecot.conf
|
fixes gh-3370: resolve extremely long search by repeated apply of non-greedy RE `(?:: (?:[^\(]+|\w+\([^\)]*\))+)?` with following branches (it may be extremely slow up to infinite search depending on message); added new regression tests
|
2022-10-04 14:10:45 +02:00 |
|
dropbear.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
|
drupal-auth.conf
|
more precise RE (avoids weakness with catch-all's and is injection safe)
|
2021-02-11 18:32:32 +01:00 |
|
ejabberd-auth.conf
|
small amend to gh-1850: removed greedy catch-all at end.
|
2017-08-07 15:24:16 +02:00 |
|
exim-common.conf
|
bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported
|
2024-03-25 15:52:06 +01:00 |
|
exim-spam.conf
|
`filter.d/exim.conf`:
|
2024-03-25 15:31:23 +01:00 |
|
exim.conf
|
bypass additional pid in prefix (may be logged by syslog-ng, gh-3060); matches protocol error with authentication mechanism not supported
|
2024-03-25 15:52:06 +01:00 |
|
freeswitch.conf
|
filter.d/freeswitch.conf: provide mode parameter, allows to avoid matching of messages like `auth challenge (REGISTER)` (see gh-2163) (currently `extra` as default to be backwards-compatible), see comments in filter how to set it to mode `normal`.
|
2018-08-03 11:42:15 +02:00 |
|
froxlor-auth.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
|
gitlab.conf
|
New Gitlab jail
|
2020-04-09 16:42:08 +02:00 |
|
grafana.conf
|
no catch-alls, user name and error message stored in ticket
|
2020-11-09 15:36:30 +01:00 |
|
groupoffice.conf
|
ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934)
|
2015-01-30 10:38:28 -05:00 |
|
gssftpd.conf
|
…
|
|
|
guacamole.conf
|
Enhance Guacamole jail
|
2020-08-25 13:01:50 +02:00 |
|
haproxy-http-auth.conf
|
Update haproxy-http-auth.conf
|
2017-04-11 09:11:08 +02:00 |
|
horde.conf
|
…
|
|
|
kerio.conf
|
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
|
2017-06-12 13:11:45 +02:00 |
|
lighttpd-auth.conf
|
filter.d/lighttpd-auth.conf: adjusted to the current source code + avoiding catch-all's, etc (gh-3116)
|
2021-10-01 15:03:24 +02:00 |
|
mongodb-auth.conf
|
[DATALAD RUNCMD] run codespell throughout fixing typo automagically
|
2023-11-18 10:04:04 -05:00 |
|
monit.conf
|
filter.d/common.conf: closes gh-2650, avoid substitute of default values in related `lt_*` section, `__prefix_line` should be interpolated in definition section (after the config considers all sections that can overwrite it);
|
2020-03-05 13:47:11 +01:00 |
|
monitorix.conf
|
more precise anchored RE (also combining all 3 REs in a single regex)
|
2021-04-14 13:06:58 +02:00 |
|
mssql-auth.conf
|
precise regex (left anchor and fewer catch-all's); fixed tests (added failJSON and more tests for some corner-cases around new RE)
|
2021-04-03 20:16:47 +02:00 |
|
murmur.conf
|
filter.d/murmur.conf: fixed detection of failures reading from journal (systemd-backend only):
|
2018-02-09 11:43:55 +01:00 |
|
mysqld-auth.conf
|
[DATALAD RUNCMD] run codespell throughout fixing typo automagically
|
2023-11-18 10:04:04 -05:00 |
|
nagios.conf
|
…
|
|
|
named-refused.conf
|
loosening for denied suffix (would match no matter which reason in parenthesis);
|
2024-03-25 16:35:20 +01:00 |
|
nginx-bad-request.conf
|
fix: add journalmatch to nginx filters
|
2021-04-03 19:20:50 +02:00 |
|
nginx-botsearch.conf
|
fix: add journalmatch to nginx filters
|
2021-04-03 19:20:50 +02:00 |
|
nginx-error-common.conf
|
more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line
|
2023-12-10 15:21:20 +01:00 |
|
nginx-forbidden.conf
|
more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line
|
2023-12-10 15:21:20 +01:00 |
|
nginx-http-auth.conf
|
more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line
|
2023-12-10 15:21:20 +01:00 |
|
nginx-limit-req.conf
|
more filters for nginx error-log supporting journal format now, added generalized include and __prefix_line
|
2023-12-10 15:21:20 +01:00 |
|
nsd.conf
|
restore anchor (e. g. catch all in the middle), dot is optional now, RE rewritten a bit more precise
|
2021-04-03 21:00:14 +02:00 |
|
openhab.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
|
openwebmail.conf
|
…
|
|
|
oracleims.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
|
pam-generic.conf
|
quick optimization: normalizes pam-generic prefregex (more similar to the same regex within sshd-filter) + datepattern anchored now;
|
2018-03-20 16:00:21 +01:00 |
|
perdition.conf
|
…
|
|
|
php-url-fopen.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
|
phpmyadmin-syslog.conf
|
typo
|
2020-11-23 18:08:38 +01:00 |
|
portsentry.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
|
postfix.conf
|
filter.d/postfix.conf: add Sender address rejected: Malformed DNS server reply (#3590)
|
2024-03-19 20:30:45 +01:00 |
|
proftpd.conf
|
typo
|
2020-11-23 18:07:49 +01:00 |
|
pure-ftpd.conf
|
define journalmatch setting for pure-ftps
|
2016-03-11 18:19:53 +01:00 |
|
qmail.conf
|
…
|
|
|
recidive.conf
|
filter.d/recidive.conf: conditional RE depending on logtype (for file or journal)
|
2024-03-11 17:49:06 +01:00 |
|
roundcube-auth.conf
|
Don't ban roundcube users when an external mail server is down.
|
2020-04-06 21:57:27 +00:00 |
|
routeros-auth.conf
|
New filter: routeros-auth.conf (Closes #3469)
|
2023-03-02 09:25:24 +01:00 |
|
scanlogd.conf
|
small amend: sport after saddr is optional
|
2021-04-03 23:29:16 +02:00 |
|
screensharingd.conf
|
Removed old svn revision comment
|
2015-11-02 09:08:47 -08:00 |
|
selinux-common.conf
|
small amend (non capturing group)
|
2022-11-14 18:56:01 +01:00 |
|
selinux-ssh.conf
|
[DATALAD RUNCMD] run codespell throughout fixing typo automagically
|
2023-11-18 10:04:04 -05:00 |
|
sendmail-auth.conf
|
filter.d/sendmail-auth.conf: detect failures without user part
|
2022-08-01 09:20:28 +02:00 |
|
sendmail-reject.conf
|
filter.d/sendmail-reject.conf: fix reverse DNS for ... (gh-3012)
|
2021-05-29 18:45:59 +02:00 |
|
sieve.conf
|
…
|
|
|
slapd.conf
|
gh-3604: filter.d/slapd.conf - switched to single-line processing
|
2023-10-18 16:06:56 +02:00 |
|
softethervpn.conf
|
small tweaks (both 2nd time and facility are optional, avoid catch-all, etc)
|
2020-11-09 13:19:25 +01:00 |
|
sogo-auth.conf
|
[DATALAD RUNCMD] run codespell throughout fixing typo automagically
|
2023-11-18 10:04:04 -05:00 |
|
solid-pop3d.conf
|
…
|
|
|
squid.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
|
squirrelmail.conf
|
added possibility to specify more precise default date pattern:
|
2016-10-17 11:18:30 +02:00 |
|
sshd.conf
|
filter.d/sshd.conf: ddos/aggressive mode extended to match new messages caused by port scanner, wrong payload on ssh port:
|
2024-02-13 16:53:21 +01:00 |
|
stunnel.conf
|
ENH: define ignoreregex for all filters explicitly, to avoid warnings (Closes #934)
|
2015-01-30 10:38:28 -05:00 |
|
suhosin.conf
|
suhosin.conf: removed greedy match
|
2017-01-21 16:26:07 +01:00 |
|
tine20.conf
|
more precise date template handling (WARNING: this commit creates possible incompatibilities):
|
2016-10-17 11:20:27 +02:00 |
|
traefik-auth.conf
|
[DATALAD RUNCMD] run codespell throughout fixing typo automagically
|
2023-11-18 10:04:04 -05:00 |
|
uwimap-auth.conf
|
…
|
|
|
vsftpd.conf
|
filter.d/vsftpd.conf: optional reason message after FAIL LOGIN, closes #1543
|
2016-09-09 09:20:15 +02:00 |
|
webmin-auth.conf
|
…
|
|
|
wuftpd.conf
|
Add filter variable __pam_auth to allow easier changing of pam auth backend
|
2015-01-27 14:34:27 -07:00 |
|
xinetd-fail.conf
|
Several filters optimized with pre-filtering using new option `prefregex`
|
2017-02-21 15:54:59 +01:00 |
|
znc-adminlog.conf
|
New upstream version 0.11.1
|
2020-01-12 23:22:54 +01:00 |
|
zoneminder.conf
|
padding with space, prefregex, regex review (simplifying, capture user name, consider possible space char in user name)
|
2021-05-21 13:00:24 +02:00 |
2ba9fee79f