Update logcheck ignores

This commit is contained in:
Wojciech Kozlowski 2023-06-23 05:19:54 +02:00
parent c0b0274d24
commit 2c493a41b3
2 changed files with 3 additions and 1 deletions

View File

@ -1,5 +1,5 @@
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Podman auto-update service|Pod service auto-update service|Prune dangling podman images)\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Podman auto-update service|Pod service auto-update service|Prune dangling podman images)\.$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: var-lib-containers-storage-overlay\.mount: Succeeded\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: var-lib-containers-storage-overlay\.mount: Succeeded\.$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ podman\[[0-9]+\]: [-[:digit:]]{10} [.:[:digit:]]{8,18} \+[[:digit:]]{4} [[:alpha:]]{3,4} m=\+[.[:digit:]]+ image (pull|remove [[:alnum:]]+)$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ podman\[[0-9]+\]: [-[:digit:]]{10} [.:[:digit:]]{8,18} \+[[:digit:]]{4} [[:alpha:]]{3,4} m=\+[.[:digit:]]+ image (pull|(remove|prune) [[:alnum:]]+)$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="(git|git-remote-http|git-receive-pac|gitea)" exe="(/app/gitea/gitea|/usr/bin/git|/usr/bin/git-receive-pack|/usr/libexec/git-core/git|/usr/libexec/git-core/git-remote-http|/usr/libexec/git-core/git-remote-https)" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="(git|git-remote-http|git-receive-pac|gitea)" exe="(/app/gitea/gitea|/usr/bin/git|/usr/bin/git-receive-pack|/usr/libexec/git-core/git|/usr/libexec/git-core/git-remote-http|/usr/libexec/git-core/git-remote-https)" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="ffmpeg" exe="/usr/bin/ffmpeg" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="ffmpeg" exe="/usr/bin/ffmpeg" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$

View File

@ -1,3 +1,5 @@
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ restic-batch\[[0-9]+\]: (Mounting|Unmounting) [/@_\-:[:alnum:]]+ (to|from) [/@_\-:[:alnum:]]+$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ restic-batch\[[0-9]+\]: Backing up [_\-[:alnum:]]+$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Snapshot ZFS filesystems|Prune ZFS snapshots|Replicate snapshots using syncoid|Backup snapshots using restic)\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Snapshot ZFS filesystems|Prune ZFS snapshots|Replicate snapshots using syncoid|Backup snapshots using restic)\.$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: (sanoid\.service|syncoid-batch\.service|sanoid-prune\.service|restic-batch\.service): Consumed ([0-9]{1,2}min )?[0-9]{1,2}\.[0-9]{3}s CPU time\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: (sanoid\.service|syncoid-batch\.service|sanoid-prune\.service|restic-batch\.service): Consumed ([0-9]{1,2}min )?[0-9]{1,2}\.[0-9]{3}s CPU time\.$
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: mnt-var-lib-yggdrasil-data-pod\\x2d[\\[:alnum:]]+-[\\[:alnum:]]+\.mount: Succeeded\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: mnt-var-lib-yggdrasil-data-pod\\x2d[\\[:alnum:]]+-[\\[:alnum:]]+\.mount: Succeeded\.$