From cb100f3cef966afe709bbf4dd644ac5e5f2f279c Mon Sep 17 00:00:00 2001 From: Wojciech Kozlowski Date: Sat, 20 May 2023 16:02:15 +0200 Subject: [PATCH] Fix gitea logcheck ignores --- playbooks/files/system/base/logs/asgard | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/files/system/base/logs/asgard b/playbooks/files/system/base/logs/asgard index 41b0fa2..3fa8a9b 100644 --- a/playbooks/files/system/base/logs/asgard +++ b/playbooks/files/system/base/logs/asgard @@ -2,5 +2,5 @@ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: var-lib-containers-storage-overlay\.mount: Succeeded\.$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ podman\[[0-9]+\]: [-[:digit:]]{10} [.:[:digit:]]{8,18} \+[[:digit:]]{4} [[:alpha:]]{3,4} m=\+[.[:digit:]]{1,11} image pull$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ podman\[[0-9]+\]: [-[:digit:]]{10} [.:[:digit:]]{8,18} \+0100 CET m=\+[.[:digit:]]{1,11} image remove [[:alnum:]]+$ -^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ (comm="git-remote-http" exe="/usr/libexec/git-core/git-remote-http"|comm="git-remote-http" exe="/usr/libexec/git-core/git-remote-https"|comm="gitea" exe="/app/gitea/gitea"|comm="git" exe="/usr/libexec/git-core/git"|comm="git-receive-pac" exe="/usr/bin/git-receive-pack"|comm="git-receive-pac" exe="/usr/bin/git") sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$ +^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="(git|git-remote-http|git-receive-pac|gitea)" exe="(/app/gitea/gitea|/usr/bin/git|/usr/bin/git-receive-pack|/usr/libexec/git-core/git|/usr/libexec/git-core/git-remote-http|/usr/libexec/git-core/git-remote-https)" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$ ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[\s*[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+\): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="ffmpeg" exe="/usr/bin/ffmpeg" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$