I have a variety of lines that do not fit into Logwatch' regex for sshd. They are mainly caused by the lack of a port in the formatting. There are three typical lines that are affected:
Received disconnect from [***] port [***]:11: [preauth] : 1 time(s)
Disconnected from [***] port [***] [preauth] : 1 time(s)
Connection reset by [***] port [***] [preauth] : 3 time(s)
I have a variety of lines that do not fit into Logwatch' regex for sshd. They are mainly caused by the lack of a port in the formatting. There are three typical lines that are affected:
Received disconnect from [***] port [***]:11: [preauth] : 1 time(s)
Disconnected from [***] port [***] [preauth] : 1 time(s)
Connection reset by [***] port [***] [preauth] : 3 time(s)
The first line is matched by using a provided patch: https:/ /bugzilla. redhat. com/attachment. cgi?id= 1136417& action= diff logwatch/ scripts/ services/ sshd for the "Received disconnect from"
The other two still remain in my case, I manually patched /usr/share/
What is the update for this issue? I couldn't find any details about patches from upstream, otherwise I could test those as well.