diff --git a/monitorix.conf b/monitorix.conf index e4076e2..c6bf3a6 100644 --- a/monitorix.conf +++ b/monitorix.conf @@ -630,24 +630,24 @@ secure_log_date_format = %b %e Default = SSH, FTP, TELNET, IMAP, Samba, Fax, CUPS, POP3, SMTP, Spam, Virus, Fail2ban - SSH = file:/root/log/secure, "^%b %e", "sshd\[.*\]: Accepted " - FTP = file:/root/log/secure, "%b %e", "START: ftp" + " proftpd\[.*Login successful." + "\"PASS .*\" 230" - FTP = file:/root/log/secure, "%b %e", "OK LOGIN:" - FTP = file:/root/log/secure, "%b %e", "\[INFO\] .*? is now logged in" - TELNET = file:/root/log/secure, "^%b %e", "START: telnet" - Samba = exec:/root/bin/samba.sh, "", "" - Fax = file:/root/spool/hylafax/etc/xferfaxlog, "^%m/%d/%y", "SEND" - CUPS = file:/root/log/cups/page_log, "\[%d/%b/%Y:", "" - Fail2ban = file:/root/log/fail2ban.log, "^%Y-%m-%d", " fail2ban.actions .* Ban " - IMAP = file:/root/log/imap, "%b %d", " imapd\[.* Login user=" - POP3 = file:/root/log/imap, "%b %d", " ipop3d\[.* Login user=" - IMAP = file:/root/log/imap, "%b %d", " imap-login: .* Login: " - POP3 = file:/root/log/imap, "%b %d", " pop3-login: .* Login: " - SMTP = file:/root/log/maillog, "^%b %e", i:"to=.*stat(us)?=sent" - Spam = file:/root/log/maillog, "^%b %e", "MailScanner.*Spam Checks:.*Found.*spam messages" + "amavis\[.* SPAM" - Spam = file:/root/log/maillog, "^%b %e", "spamd: identified spam" - Virus = file:/root/log/maillog, "^%b %e", "MailScanner.*Virus Scanning:.*Found.*viruses" + "amavis\[.* INFECTED|amavis\[.* BANNED" - Virus = file:/root/log/messages, "^%b %e", " clamd\[.* FOUND$" + SSH = file:/var/log/secure, "^%b %e", "sshd\[.*\]: Accepted " + FTP = file:/var/log/secure, "%b %e", "START: ftp" + " proftpd\[.*Login successful." + "\"PASS .*\" 230" + FTP = file:/var/log/secure, "%b %e", "OK LOGIN:" + FTP = file:/var/log/secure, "%b %e", "\[INFO\] .*? is now logged in" + TELNET = file:/var/log/secure, "^%b %e", "START: telnet" + Samba = exec:/usr/local/bin/samba.sh, "", "" + Fax = file:/var/spool/hylafax/etc/xferfaxlog, "^%m/%d/%y", "SEND" + CUPS = file:/var/log/cups/page_log, "\[%d/%b/%Y:", "" + Fail2ban = file:/var/log/fail2ban.log, "^%Y-%m-%d", " fail2ban.actions .* Ban " + IMAP = file:/var/log/imap, "%b %d", " imapd\[.* Login user=" + POP3 = file:/var/log/imap, "%b %d", " ipop3d\[.* Login user=" + IMAP = file:/var/log/imap, "%b %d", " imap-login: .* Login: " + POP3 = file:/var/log/imap, "%b %d", " pop3-login: .* Login: " + SMTP = file:/var/log/maillog, "^%b %e", i:"to=.*stat(us)?=sent" + Spam = file:/var/log/maillog, "^%b %e", "MailScanner.*Spam Checks:.*Found.*spam messages" + "amavis\[.* SPAM" + Spam = file:/var/log/maillog, "^%b %e", "spamd: identified spam" + Virus = file:/var/log/maillog, "^%b %e", "MailScanner.*Virus Scanning:.*Found.*viruses" + "amavis\[.* INFECTED|amavis\[.* BANNED" + Virus = file:/var/log/messages, "^%b %e", " clamd\[.* FOUND$" mode = i graphs_per_row = 2