"Fossies" - the Fresh Open Source Software Archive 
"Fossies" - the Fresh Open Source Software Archive A hint: This file contains one or more very long lines, so maybe it is better readable using the pure text view mode that shows the contents as wrapped lines within the browser window.
1 # The SSHDLOG section maps sshd messages into one of several types, Invalid User, Bad password for valid user, Good password for valid user and No Id string. Each version and distribution uses different message formats, so the exact format needs to be user configurable. These are already supplied for quite a few distributions. 2 3 # The only change over RH7.3 is the change from Illegal to Invalid. 4 5 # Invalid user or Failed user 6 msg_invalid='^Invalid user (.*) from ([0-9a-fA-F:\.]+)' 7 map_invalid='push @res,$1; push @res,$2;' 8 9 msg_invalid='^Failed [^ ]+ for invalid user (.*) from ([0-9a-fA-F:\.]+) port [0-9]+ ssh2' 10 map_invalid='push @res,$1; push @res,$2;' 11 12 msg_invalid='^User (.*) from ([0-9a-fA-F:\.]+) not allowed because not listed in AllowUsers' 13 map_invalid='push @res,$1; push @res,$2;' 14 15 # Failed valid user 16 msg_failed_valid='^Failed [^ ]+ for (.*) from ([0-9a-fA-F:\.]+) port [0-9]+ ssh2' 17 map_failed_valid='push @res,$1; push @res,$2;' 18 19 msg_failed_valid='^Postponed [^ ]+ for (.*) from ([0-9a-fA-F:\.]+) port [0-9]+ ssh2' 20 map_failed_valid='push @res,$1; push @res,$2;' 21 22 # Accepted a valid user 23 #[7299] Feb 23 19:45:46 password auth succeeded for 'vladimir' from 127.0.0.1:33462 24 msg_accepted_user='^Accepted [^ ]* for (.*) from ([0-9a-fA-F:\.]+) port [0-9]+ ssh2' 25 map_accepted_user='push @res,$1; push @res,$2;' 26 27 28 # [7412] Feb 23 19:50:33 exit before auth: Failed to get remote version 29 msg_no_id_string='^Did not receive identification string from ([0-9a-fA-F:\.]+)' 30 map_no_id_string='push @res,$1;' 31 32 # [7272] Feb 23 19:52:16 premature exit: Terminated by signal 33 msg_quit='^Received signal ([0-9]+); terminating.' 34 map_quit='push @res,$1;' 35