more ssh regexes
This commit is contained in:
@ -47,7 +47,9 @@ streams:
|
||||
regex:
|
||||
# <ip> is predefined in the patterns section
|
||||
# ip's regex is inserted in the following regex
|
||||
- authentication failure;.*rhost=<ip>
|
||||
- 'authentication failure;.*rhost=<ip>'
|
||||
- 'Failed password for .* from <ip>'
|
||||
- 'Connection reset by authenticating user .* <ip>'
|
||||
# if retry and retryperiod are defined,
|
||||
# the actions will only take place if a same pattern is
|
||||
# found `retry` times in a `retryperiod` interval
|
||||
|
Reference in New Issue
Block a user