From 479df53e7aff4780dc7e71ff2cbc9784c02aabd2 Mon Sep 17 00:00:00 2001 From: Wojciech Kozlowski Date: Sat, 11 Feb 2023 10:26:51 +0100 Subject: [PATCH] Update logcheck ignores --- playbooks/files/system/base/logs/asgard | 6 ++++-- playbooks/files/system/base/logs/yggdrasil | 8 +++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/playbooks/files/system/base/logs/asgard b/playbooks/files/system/base/logs/asgard index d205a00..b02ea35 100644 --- a/playbooks/files/system/base/logs/asgard +++ b/playbooks/files/system/base/logs/asgard @@ -1,4 +1,6 @@ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished Podman auto-update service\.$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Podman auto-update service|Pod service auto-update service|Prune dangling podman images)\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: rsyslog\.service: Sent signal SIGHUP to main process [[:digit:]]+ (rsyslogd) on client request\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: var-lib-containers-storage-overlay\.mount: Succeeded\.$ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ (comm="git-remote-http" exe="/usr/libexec/git-core/git-remote-https"|comm="gitea" exe="/app/gitea/gitea"|comm="git" exe="/usr/libexec/git-core/git") sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ podman\[[0-9]+\]: [-[:digit:]]{10} [.:[:digit:]]{8,18} \+0100 CET m=\+[.[:digit:]]{1,11} image pull$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ podman\[[0-9]+\]: [-[:digit:]]{10} [.:[:digit:]]{8,18} \+0100 CET m=\+[.[:digit:]]{1,11} image remove [[:alnum:]]+$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ (comm="git-remote-http" exe="/usr/libexec/git-core/git-remote-https"|comm="gitea" exe="/app/gitea/gitea"|comm="git" exe="/usr/libexec/git-core/git"|comm="git-receive-pac" exe="/usr/bin/git-receive-pack") sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$ diff --git a/playbooks/files/system/base/logs/yggdrasil b/playbooks/files/system/base/logs/yggdrasil index 06bd80c..da05080 100644 --- a/playbooks/files/system/base/logs/yggdrasil +++ b/playbooks/files/system/base/logs/yggdrasil @@ -1,7 +1,5 @@ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Snapshot ZFS filesystems|Prune ZFS snapshots|Replicate snapshots using syncoid)\.$ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: (sanoid\.service|syncoid-batch\.service): Consumed ([0-9]{1,2}min )?[0-9]{1,2}\.[0-9]{3}s CPU time\.$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Snapshot ZFS filesystems|Prune ZFS snapshots|Replicate snapshots using syncoid|Backup snapshots using restic)\.$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: (sanoid\.service|syncoid-batch\.service|restic-batch\.service): Consumed ([0-9]{1,2}min )?[0-9]{1,2}\.[0-9]{3}s CPU time\.$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: mnt-var-lib-yggdrasil-data-pod\\x2d[\\[:alnum:]]+-[\\[:alnum:]]+\.mount: Succeeded\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ sanoid\[[0-9]+\]: INFO: .*$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ sanoid\[[0-9]+\]: taking snapshot .*$ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ syncoid-batch\[[0-9]+\]: INFO: .*$ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ syncoid-batch\[[0-9]+\]: NEWEST SNAPSHOT: .*$ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ syncoid-batch\[[0-9]+\]: Sending incremental .*$