I have a variety of lines that do not fit into Logwatch' regex for sshd. They are mainly caused by the lack of a port in the formatting. There are three typical lines that are affected:
Received disconnect from [***] port [***]:11: [preauth] : 1 time(s) Disconnected from [***] port [***] [preauth] : 1 time(s) Connection reset by [***] port [***] [preauth] : 3 time(s) The first line is matched by using a provided patch: https://bugzilla.redhat.com/attachment.cgi?id=1136417&action=diff The other two still remain in my case, I manually patched /usr/share/logwatch/scripts/services/sshd for the "Received disconnect from" What is the update for this issue? I couldn't find any details about patches from upstream, otherwise I could test those as well. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1644057 Title: Excessive Disconnect unmatched entries from sshd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1644057/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
