Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/epylog/files/merged/weed_local.cf
Kevin Fenzi 8390dd2ff3 some more weeding
2018-05-16 22:21:52 +00:00

470 lines
18 KiB
CFEngine3
Raw Blame History

[ADD]
##
# Here is where you add your own rules
#
atomic-openshift-node:.*
audit.*
ansible.*: Invoked.*
ansible.*: message repeated.*
ansible-accelerate:.*
ansible-async_wrapper.*
auditd.*
autocloud_job.*
avahi-daemon.*
btseed.*
bugyou-cntrl.*
celery.*
check_nrpe: Remote.*accepted a Version.*Packet
check_nrpe: Remote.*does not support Version.*Packets
chronyd.*
collectd.*: Filter subsystem.*
collectd.*: Value too old.*
collectd.*: processes plugin: Failed to read from.*
collectd.*: 0 Success:.*value has been dispatched.
collectd.*: message repeated.*times.*0 Success:.*
collectd.*: exec plugin.*Unable to parse command\, ignoring line.*
dbus.*:.*avc:.*received.*
dbus.*:.*Reloaded configuration.*
dbus.*:.*Successfully activated service 'org.fedoraproject.Setroubleshootd'.*
dbus.*:.*Successfully activated service 'org.freedesktop.nm_dispatcher'
dbus.*:.*\[system\].*Activating via systemd: service.*
dbus.*:.*\[system\].*Activating.*using servicehelper.*
dbus.*:.*\[system\].*Successfully activated service.*
dbus-daemon.*:.*Successfully activated service \'org.fedoraproject.Setroubleshootd\'.*
dbus-daemon.*:.*Activating via systemd: service.*
dbus-daemon.*:.*Successfully activated service.*
dhclient.*: bound to.*
dhclient.*: DHCPDISCOVER.*
dhclient.*: DHCPACK.*
dhclient.*: DHCPREQUEST.*
dhcpd:.*Wrote.*leases file.*
dnsmasq-dhcp.*
dnsmasq.*
# work around bug https://bugzilla.redhat.com/show_bug.cgi?id=947989
dhclient.*: send_packet: Operation not permitted
dhclient.*: dhclient.c:.*: Failed to send.*byte long packet over fallback interface.
dhclient.*: Internet Systems Consortium DHCP Client.*
dhclient.*: Copyright 2004-2013 Internet Systems Consortium.
dhclient.*: All rights reserved.
dhclient.*: For info, please visit https://www.isc.org/software/dhcp/
dhclient.*: Listening on.*
dhclient.*: Sending on.*
dhclient.*: Sending on.*
dhclient.*: $
django-admin.*
dnf:.*
dnf-automatic:.*
docker.*
dracut.*
etcd.*
.*EDAC sbridge.*
fedmsg-hub.*
fedmsg.*:No routing policy defined for.*
moksha-hub.*
mailman3.*
mote-updater.*
odcs-backend.*:.*Checking for expired composes
.*odcs-backend.*: Checking for expired composes
.*.go\:
freshclam.*: Can't connect to port 80 of host.*
freshclam.*: connect_error:.*
freshclam.*: Downloading.*
freshclam.*:.*is up to date.*
freshclam.*:.*updated.*
freshclam.*: Database updated.*
freshclam.*: ClamAV update process started
freshmaker.*
git-daemon.*: Connection from.*
git-daemon.*: Connection reset by peer
git-daemon.*: .* does not appear to be a git repository
git-daemon.*: Extended attributes.*
git-daemon.*: Request upload-pack.*
git-daemon.*: The remote end hung up unexpectedly
git-daemon.*: userpath.*
git-daemon.*: Request upload-archive for.*
git-daemon.*: fatal: write error: Connection timed out
groupadd.*: group added to.*: name=(mockbuild|dialout|floppy|cdrom|tape|utmp|utempter|dbus|avahi-autoipd|rpc|rpcuser|nfsnobody|ssh_keys).*
(group|user)add.*: new (user|group): name=(mockbuild|dialout|floppy|cdrom|tape|utmp|utempter|dbus|avahi-autoipd|rpc|rpcuser|nfsnobody|ssh_keys).*
heartbeat.* info:.*
heartbeat.*:info.*
heartbeat.*:WARN: Gmain_timeout_dispatch: Dispatch function for retransmit request took too long to execute.*
httpd.*:.*AH0.*
in.tftpd.*: tftp: client does not accept options
journal:.*\[wsgi\:error\]
journal:.*0000\] \"POST .*
journal:.*0000\] \"GET .*
journal: libvirt version.*
journal: Failed to acquire.*
journal: cannot lookup default selinux label for.*
journal: Domain id.*
journal: End of file while reading data\: Input\/output error
journal: hostname.*
journal: 10.131.0.1.*
journal: 10.128.0.1.*
journal: 10.130.0.1.*
journal: - HAProxy port 1936 health check ok : 0 retry attempt(s).
journal:.*Go-http-client.*
journal.*:.*healthz.*
journal.*DEBUG.*
journal.*WARNING.*
kernel:.*CPU.*power limit.*
kernel:.*dma-pl330 fff3d000.dma: Reset Channel.*
kernel: TCPv6: Possible SYN flooding on port 80. Sending cookies.
kernel: TCPv6: Possible SYN flooding on port 80. Dropping request.
kernel: possible SYN flooding on port 80. Sending cookies.
kernel: EXT4-fs \(.*\): mounted filesystem with ordered data mode.*
kernel: ioctl32\(e2fsck.*
kernel: ioctl32\(resize2fs.*
kernel: md: data-check of RAID array.*
kernel: md: delaying data-check of.*
kernel: md: md.*: data-check done.
kernel: md: minimum _guaranteed_ speed.*
kernel: md: using 128k window.*
kernel: md: using maximum available idle IO bandwidth.*
kernel: printk.*suppressed.
kernel: __ratelimit:.*callbacks suppressed
kernel:.*subj=.*
kernel:.*exe=.* \(sauid=.*, hostname=.* addr=.* terminal=.*\)
kernel:.*type=.*audit\(.*
kernel:.*audit_printk_skb:.*callbacks suppressed
kernel:.*usb 3-3: new full-speed USB device number.*using xhci_hcd
kernel:.*usb 3-3: Device not responding to set address.
kernel:.*usb 3-3: Device not responding to set address.
kernel:.*usb 3-3: device not accepting address.*error -71
kernel:.*kvm.*vcpu.*unhandled rdmsr.*
kernel:.*kvm_get_msr_common:.*callbacks suppressed
kernel:.*device vnet.*entered promiscuous mode
kernel:.*virbr0: port.*entered.*state
kernel:.*virbr0: topology change detected, propagating
kernel: blk_update_request.*I/O error, dev loop0, sector.*
kernel: blk-mq: bad return on queue.*
kernel: XFS.*Ending clean mount
kernel: XFS.*Unmounting Filesystem
kernel: XFS.*Mounting V5 Filesystem
kernel: XFS.*Ending clean mount
kernel: .*added RAID HP P410i controller SSDSmartPathCap.*
kernel: hpsa.*addition failed -19, device not added.
kernel: PC.*
kernel: LR.*
kernel: pc.*
kernel: sp.*
kernel: x.*
kernel: Hardware name.*
kernel: task.*
kernel: kauditd_printk_skb.*
kernel: sd 7.*
kernel: Using.*as fallback implementation.
kojid.*
koschei.*
kojira.*
logrotate.*
lvm.*: Another thread is handling an event. Waiting...*
libvirtd:.*debug.*
libvirtd.*:.*is tainted.*
nagios.*
named.*: .* general: info:.*
named.*: .* notify: info:.*
named.*: .* general: error: zone.*unchanged. zone may fail to transfer to slaves.
named.*: .* resolver: notice: DNS format error from.*: invalid response
named.*: .* resolver: notice: DNS format error from.*: non-improving referral
named.*: .* resolver: notice: clients-per-query increased to.*
named.*: .* security: info: client.*: view.*: query (cache).*denied
named.*: .* edns-disabled: info: success resolving.*after.*
named.*: .* security: info: client.*denied
named.*: .* rate-limit: info:.*
named.*: .* general: warning: checkhints: view.*
named.*: .* query-errors: info: client.*rate limit slip response to.*
named.*: .* query-errors: info: client.*rate limit drop response to.*
NetworkManager.*: \<info\>.*
NetworkManager.*: \<warn\>.*
NetworkManager.*: \<error\>.*Unspecific failure
nm-dispatcher.*:.*
nrpe.*: Error: Request packet type.*
nrpe.*: Client request was invalid.*
ntpd.*
openqa:.*is not a registered asset
openqa: no products found.*
openqa-scheduler.*
openqa-websockets.*
openqa:.*Asset.*
openshift-master.*
openshift: grpc: addrConn.resetTransport failed to create client transport.*
openshift: message repeated.*times.*failed to create client transport.*
openshift: Failed to dial.*
fedora-openqa-consumer.*
openvpn.*: Auth read bytes.*
openvpn.*: CLIENT_LIST.*
openvpn.*: END
openvpn.*: event_wait : Interrupted system call.*
openvpn.*: GLOBAL_STATS.*
openvpn.*: HEADER.*
openvpn.*: OpenVPN STATISTICS
openvpn.*: post-compress bytes.*
openvpn.*: post-decompress bytes.*
openvpn.*: pre-compress bytes.*
openvpn.*: pre-decompress bytes.*
openvpn.*: ROUTING_TABLE.*
openvpn.*: TCP/UDP.*
openvpn.*: TCP/UDP.*
openvpn.*: TIME.*
openvpn.*: TITLE.*
openvpn.*: TUN/TAP.*
openvpn.*: UDPv4 link (local|remote).*
openvpn.*: SIGUSR1.*
openvpn.*: Updated.*
openvpn.*:.*Re-using SSL/TLS context.*
openvpn.*:.*LZO compression.*
openvpn.*: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts.*
openvpn.*: WARNING: No server certificate verification method has been enabled.*
openvpn.*: .*peer info.*
origin-master.*
origin-node.*
oci-systemd-hook.*
oci-umount.*
pam_unix\(.*\): account .* has password changed in future
pagure-stream-server.py:.*
pagure-webhook-server.py:.*
pagure_stream_server.py:.*
pagure_logcom_server.py:.*
polkitd.*
postfix/anvil.*: statistics.*
postfix/bounce.*sender non-delivery notification.*
postfix/error.*:.*delivery temporarily suspended.*Connection timed out.*
postfix/error.*:.*delivery temporarily suspended.*No route to host.*
postfix/error.*:.*delivery temporarily suspended.*temporarily deferred due to user complaints.*
postfix/error.*:.*delivery temporarily suspended.*while receiving the initial server greeting.*
postfix/error.*:.*delivery temporarily suspended.*Host or domain name not found.*
postfix/error.*:.*delivery temporarily suspended.*Connection refused.*
postfix/error.*:.*delivery temporarily suspended.*conversation with.*
postfix/error.*:.*delivery temporarily suspended.*service not available, closing transmission channel.*
postfix/error.*:.*delivery temporarily suspended.*Network is unreachable.*
postfix/error.*:.*refused to talk to me.*
postfix/lmtp.*:.*250.*Ok.*
postfix/lmtp.*: 503.*
postfix/local.*: table.*has changed -- restarting.*
postfix/master.*: daemon started.*
postfix/master.*: terminating on signa.*
postfix/pipe.*:.*delivered via spamassassin.*
postfix/postfix-script.*: starting the Postfix mail system
postfix/postfix-script.*: stopping the Postfix mail system
postfix/postfix-script.*: waiting for the Postfix mail system to terminate
postfix/scache.*: statistics.*
postfix/smtp.*: 400.*
postfix/smtp.*: 421.*
postfix/smtp.*: 450.*
postfix/smtp.*: 451.*
postfix/smtp.*: 452.*
postfix/smtp.*: 454.*
postfix/smtp.*: 503.*
postfix/smtp.*: conversation.* timed out.*
postfix/smtpd.*: table.*has changed -- restarting.*
postfix/smtpd.*: timeout.*
postfix/smtpd.*: too many errors after RCPT.*
postfix/smtp.*: enabling PIX.*
postfix/smtp.*: lost connection.*
postfix/smtp.*:.*refused to talk to me.*
postfix/smtp.*: warning: malformed domain name.*
postfix/smtp.*: warning: valid_hostname:.*
postfix/smtp.*:.*yahoo.*refused to talk to me.*
python.*: ansible-<stdin>.*
python.*: ansible.*: Invoked.*
python.*: ansible.* Invoked.*
python2.*
rabbitmq-server.*
ResourceManager.*: info:.*
restorecond: Reset file context /etc/aliases.*
restorecond: Reset file context /var/db/shadow.db.*
restorecond: Unable to watch.*
Rootkit Hunter: Rootkit hunter.*
Rootkit Hunter: Scanning.*
rdbsync.*
root: time debug:.*
rkhunter.*: Rootkit hunter check started.*
rkhunter.*: Scanning took.*
registry.*
rpc.idmapd.*: nss_getpwnam: name.*apache.*
rpc.idmapd.*: nss_getpwnam: name.*masher.*
rpc.idmapd.*: nss_getpwnam: name.*root@fedora.*
rpc.idmapd.*: nss_getpwnam: name.*root@localdomain*
rsyncd.*: building.*
rsyncd.*: connect from.*
rsyncd.*: file has vanished:
rsyncd.*: name lookup failed for.*
rsyncd.*: rsync: connection unexpectedly closed.*
rsyncd.*: rsync error: error in rsync protocol data stream.*
rsyncd.*: sent.*
rsyncd.*: rsync: change_dir.*failed.*
#rsync.*: rsync on.*
rsyslogd-2163:epoll_ctl failed
#goofy-ass rsyslogd error :(
rsyslogd: \[origin software.*
^\(\':\',.*
setfiles: relabeling .*
spamc.*: connect to spamd on.*
spamc.*: skipped message, greater.*
spamd.*: bayes: cannot open bayes databases.*
spamd.*: logger: removing.*
spamd.*: prefork.*
spamd.*: pyzor:.* error: TERMINATED
spamd: result:.*
spamd.*: spamd: clean message.*
spamd.*: spamd: clean message.*
spamd.*: spamd: handled cleanup.*
spamd.*: spamd: identified spam.*
spamd.*: spamd: server killed.*
spamd.*: spamd: server pid.*
spamd.*: spamd: server started.*
spamd.*: spamd: server successfully.*
spamd.* spamd: setuid to.*
sshd.*: message repeated.*Starting session.*
sshd.*: Address.*maps to.*but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT.*
sshd.*: Did not receive identification.*
sshd.*: Disconnecting: Too many authentication failures for root.*
sshd.*: error: connect_to
sshd.*: error: ssh_selinux_setup_pty:
sshd.*: Found matching RSA key.*
sshd.*: Found matching DSA key.*
sshd.*: Found matching ED25519 key.*
sshd.*: input_userauth_request: invalid user.*
sshd.*: pam_unix\(sshd:session\): session closed for user.*
sshd.*: Close session.*
sshd.*: pam_unix\(sshd:session\): session opened for user.*
sshd.*: Postponed publickey for.*
sshd.*: refused connect from.*
sshd.*: reverse mapping checking getaddrinfo.*POSSIBLE BREAK-IN ATTEMPT.*
sshd.*: Server listening on.*
sshd.*: subsystem request for sftp
sshd.*: pam_namespace.*: Unmount of \/tmp failed, Device or resource busy.*
sshd.*: Set /proc/self/oom_score_adj.*
sshd.*: Connection from.* port.*
sshd.*: Transferred: sent.*, received.*bytes
sshd.*: Closing connection to.*port.*
sshd.*: User child is on pid.*
sshd.*: Read error from remote host.*: Connection reset by peer
sshd.*: Read error from remote host.*: Connection timed out
sshd.*: error: Could not load host key: /etc/ssh/ssh_host_dsa_key
sshd.*: Starting session.*
sshd.*: fatal: Read from socket failed: Connection reset by peer.*
sshd.*: Starting session: subsystem 'sftp' for root from 10.5.126.23 port.*
sshd.*: Starting session: subsystem 'sftp' for root from 209.132.181.6 port.*
sshd.*: Corrupted MAC on input.
sshd.*: pam_systemd(sshd:session): Failed to create session: No such file or directory
sshd.*: fatal: Write failed: Connection reset by peer
sshd.*: pam_succeed_if\(sshd:auth\): requirement.*
sshd.*: pam_unix\(sshd:auth\): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=.*
sshd.*: PAM .* more authentication failures\; logname= uid=0 euid=0 tty=ssh ruser= rhost=.*
sshd.*: pam_unix\(sshd:auth\): check pass; user unknown
sshd.*: error\: maximum authentication attempts exceeded for.*from.*port.*ssh2 [preauth]
sshd.*: Disconnecting\: Too many authentication failures.*
sshd.*: Disconnected from.*
sshd.*: Read error from remote host.*
sshd.*: error\: maximum authentication attempts exceeded for.*
sshd.*: Close session.*user root from 10.5.126.23 port.*id 0
sshd.*: error\: key_read: uudecode.*failed
sshd.*: Connection reset by.*
sshd.*: error\: buffer_get_ret\: trying to get more bytes.*
sshd.*: error\: buffer_get_string_ret\: buffer_get failed
sshd.*: error\: buffer_get_bignum2_ret\: invalid bignum
sshd.*: error\: key_from_blob\: can\'t read rsa key
sshd.*: error\: key_read\: key_from_blob
sshd.*: Close session\: user root from 10.5.126.23 port.*
sshd.*: error: key_from_blob: remaining bytes in key blob 36
sshd.*: error: cert_parse: Invalid signature key type unknown (11)
sshd.*: error: key_from_blob: can't parse cert data
sshd.*: error: Could not load host certificate: /etc/ssh/ssh_host_rsa_key-cert.pub
sshd.*: pam_systemd\(sshd:session\): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out.*
sshd.*: Nasty PTR record.*
sshd.*: Disconnecting: Change of username or service not allowed.*
sshd.*: Unable to negotiate with.*
sshd.*: pam_systemd.*
stunnel.*:.*
su: pam_unix\(su-l:session\): session .* for user.*
runuser: pam_unix\(runuser-l:session\).* session opened for user postgres by.*
runuser: pam_unix\(runuser-l:session\).* session closed for user postgres
systemd-logind.*
systemd: dev-disk-by.*
systemd: Start.*
systemd.*: Stop.*
systemd.*: Reached.*
systemd: pam_unix\(systemd-user:session\): session opened for user root by (uid=0)
systemd: pam_unix\(systemd-user:session\): session closed for user root
systemd: pam_unix\(systemd-user:session\): session.*
systemd.*: Start.* Cleanup of Temporary Directories.*
systemd-machine-id-setup.*: Initializing machine ID.*
systemd.*: Created slice user-.*.slice.
systemd.*: Removed slice User Slice of.*
systemd.*: Created slice User Slice of.*
systemd.*: Listening on D-Bus User Message Bus Socket.
systemd.*: Removed slice User-.*
systemd.*: Received SIGRTMIN\+24 from PID.*
systemd.*: Failed to mark scope session-.*.scope as abandoned : Stale file handle
systemd.*: Failed to reset devices.list on /machine.slice: Invalid argument
systemd: tmp.mount.*
systemd: Unit git.*
systemd-coredump.*:.*
systemd-machined.*:.*
systemd: Configuration file.*is marked world-inaccessible.*
systemd.*: Reload.*
systemd.*: Closed D-Bus User Message Bus Socket.
systemd.*: Removed slice User Slice of root.
systemd.*: Starting user-0.slice.
systemd.*: Started Session.*of user root.
systemd.*: Starting Session.*of user root.
systemd-udevd.*: conflicting device node.*
systemd-udevd.*: Could not generate persistent MAC address for.*
systemd-udevd.*: link_config: autonegotiation is unset or enabled.*
systemd.*: Starting user-.*.slice.
systemd.*: Started Session.*of user git.
systemd.*: Starting Session.*of user git.
systemd.*: Cannot add dependency job for unit microcode.service.*
systemd.*: Scope libcontainer.*has no PIDs. Refusing.
systemd: Failed to start OpenShift Node.*
systemd: Failed to start Origin Master Service.
systemd.*: pam_unix\(systemd-user\:session\)\: session opened for user.*
systemd.*: Created slice User Slice of.*
systemd.*: Starting User Manager for UID.*
systemd.*: Started Session.*
systemd.*: Starting D-Bus User Message Bus Socket.
systemd.*: Listening on D-Bus User Message Bus Socket.
systemd.*: Startup finished in.*
systemd.*: Started User Manager for UID.*
systemd.*: Started Process Core Dump
systemd.*: Starting Exit the Session...
systemd.*:.*Network Manager Script Dispatcher Service.*
systemd.*: Started Virtual Machine.*
systemd.*: iscsi.service\: Unit cannot be reloaded because it is inactive.
supybot.*
twistd.*
unix_chkpwd.*: account .* has password changed in future
unix_chkpwd.*: password check failed for user \(root\)
userhelper.*: running \'/usr/sbin/mock.*
userhelper.*: running \'/usr/libexec/mock/mock.*
worker.*
# Do not want any of the new gitolite stuff
gitolite.*
groupadd.*: new group.*
groupadd.*: group added to /etc/g.*
useradd.*: new user.*
varnishd.*: Child .* said missing \)CLI.*
varnishd.*: Child .* said nothing to repeatCLI result.*
xinetd.*: Exiting.*
xinetd.*: FAIL: git per_source_limit.*
xinetd.*: readjusting service rsync
xinetd.*: Reconfigured.*
xinetd.*: Started.*
xinetd.*: Starting reconfiguration
xinetd.*: Swapping defaults
xinetd.*: xinetd Version.*
ykksm.*: SUCCESS.*
ykval.*: LOG_INFO.*
ykval.*: LOG_WARNING.*
ykval.*: SUCCESS.*
ykval.*: WARNING.*
yum.*: Installed:.*
yum.*: Updated:.*
[REMOVE]
##
# Here is where you put the rules (VERBATIM) from the weed_dist.cf file
#
Reference in a new issue View git blame Copy permalink