mirror of
https://codeberg.org/privacy1st/nix-git
synced 2024-12-23 02:36:05 +01:00
journalwatch config
This commit is contained in:
parent
2607aac99d
commit
20ff5b3e07
@ -42,7 +42,7 @@
|
||||
../../modules/jetbrains-ide.nix
|
||||
];
|
||||
|
||||
foo = throw "NixOS rebuild boot required to update to 24.05";
|
||||
#foo = throw "NixOS rebuild boot required to update to 24.05";
|
||||
|
||||
networking.hostName = "yodaGaming";
|
||||
boot.initrd.luks.devices."luks-root".allowDiscards = true;
|
||||
|
@ -24,7 +24,7 @@
|
||||
../../modules/btrfs-mount-options.nix
|
||||
];
|
||||
|
||||
foo = throw "NixOS rebuild boot required to update to 24.05";
|
||||
#foo = throw "NixOS rebuild boot required to update to 24.05";
|
||||
|
||||
networking.hostName = "yodaYoga";
|
||||
boot.initrd.luks.devices."luks-a8521407-e25b-4f26-8e7a-a56fcbfd2e35".allowDiscards = true;
|
||||
|
@ -49,16 +49,19 @@ let
|
||||
Unable to negotiate with \S+ port \S+: no matching MAC found. Their offer: \S+ \[preauth\]
|
||||
Unable to negotiate with \S+ port \S+: no matching key exchange method found. Their offer: \S+ \[preauth\]
|
||||
Invalid user \S+ from \S+ port \S+
|
||||
Disconnected from \S+ port \S+ \[preauth\]
|
||||
Disconnected from invalid user \S+ \S+ port \S+ \[preauth\]
|
||||
Disconnected from authenticating user root \S+ port \S+ \[preauth\]
|
||||
Disconnected from authenticating user (root|yoda) \S+ port \S+ \[preauth\]
|
||||
Received disconnect from \S+ port \S+:11: Client disconnecting normally \[preauth\]
|
||||
Received disconnect from \S+ port \S+:11: Bye Bye \[preauth\]
|
||||
Connection reset by invalid user \S+ \S+ port \S+ \[preauth\
|
||||
Connection reset by authenticating user (root|yoda) \S+ port \S+ \[preauth\]
|
||||
Connection reset by \S+ port \S+ \[preauth\]
|
||||
Connection reset by \S+ port \S+
|
||||
Connection closed by \S+ port \S+
|
||||
Connection closed by \S+ port \S+ \[preauth\]
|
||||
Connection closed by authenticating user (root|yoda) \S+ port \S+ \[preauth\]
|
||||
Connection closed by invalid user \S+ \S+ port \S+ \[preauth\]
|
||||
Connection closed by authenticating user root \S+ port \S+ \[preauth\]
|
||||
error: kex_exchange_identification: banner line contains invalid characters
|
||||
error: kex_exchange_identification: client sent invalid protocol identifier "[^"]*"
|
||||
error: kex_exchange_identification: Connection closed by remote host
|
||||
@ -539,6 +542,7 @@ in
|
||||
|
||||
{ # yodaNas
|
||||
filters = ''
|
||||
Set \S+ (A|AAAA) record to \S+
|
||||
\s*The \S+ (A|AAAA) record points already to \S+
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = netcup-dns.service";
|
||||
@ -555,7 +559,7 @@ in
|
||||
}
|
||||
{ # yodaNas
|
||||
filters = ''
|
||||
time="[^"]+" level=error msg="\[resolver\] failed to query DNS server: 127.0.0.1:53, query: ;[a-z0-9\.]+\\tIN\\t A" error="read udp 127.0.0.1:[0-9]+->127.0.0.1:53: i/o timeout"
|
||||
time="[^"]+" level=error msg="\[resolver\] failed to query DNS server: 127.0.0.1:53, query: ;[a-z0-9\.-]+\\tIN\\t A" error="read udp 127.0.0.1:[0-9]+->127.0.0.1:53: i/o timeout"
|
||||
time="[^"]+" level=info msg="Attempting next endpoint for pull after error: Head "[^"]+": Get "[^"]+": net/http: request canceled while waiting for connection \(Client\.Timeout exceeded while awaiting headers\)"
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = docker.service";
|
||||
@ -634,9 +638,17 @@ in
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = systemd-logind.service";
|
||||
}
|
||||
{
|
||||
filters = ''
|
||||
Successful su for root by root
|
||||
pam_unix\(su:session\): session opened for user root\(uid=0\) by root\(uid=0\)
|
||||
pam_unix\(su:session\): session closed for user root
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = /session-[0-9]+\\.scope/";
|
||||
}
|
||||
{ # yodaTux, yodaNas
|
||||
filters = ''
|
||||
\S+\.(service|scope|slice|mount): Consumed [0-9\.]+(s|ms) CPU time(, .+)?\.
|
||||
\S+\.(service|scope|slice|mount): Consumed ([0-9]min )?[0-9\.]+(s|ms) CPU time(, .+)?\.
|
||||
#
|
||||
Starting \S+\.service\.\.\.
|
||||
\S+\.service: Scheduled restart job, restart counter is at 1\.
|
||||
@ -650,6 +662,7 @@ in
|
||||
Starting Load Kernel Module efi_pstore\.\.\.
|
||||
Starting Create SUID/SGID Wrappers\.\.\.
|
||||
Starting Update and start Jinja-Compose project\.\.\.
|
||||
Starting Cleanup of Temporary Directories\.\.\.
|
||||
Started \S+\.service\.
|
||||
Started Logrotate Service\.
|
||||
Started User Manager for UID (0|1000)\.
|
||||
@ -659,6 +672,7 @@ in
|
||||
Finished Spin down inactive HDD \S+\.
|
||||
Finished Load Kernel Module efi_pstore\.
|
||||
Finished Create SUID/SGID Wrappers\.
|
||||
Finished Cleanup of Temporary Directories\.
|
||||
Finished Update and start Jinja-Compose project\.
|
||||
Stopping Reactivate sysinit units\.\.\.
|
||||
Stopping User Manager for UID (0|1000)\.\.\.
|
||||
@ -668,6 +682,7 @@ in
|
||||
Stopped target Reactivate sysinit units\.
|
||||
Stopped User Manager for UID (0|1000)\.
|
||||
Stopped User Runtime Directory /run/user/(0|1000)\.\.\.
|
||||
Stopped User Runtime Directory /run/user/(0|1000)\.
|
||||
Reached target Reactivate sysinit units\.
|
||||
Reached target Local File Systems\.
|
||||
Reached target Remote File Systems\.
|
||||
@ -676,6 +691,7 @@ in
|
||||
Reloading finished in [0-9]+ ms\.
|
||||
session-[0-9]+\.scope: Deactivated successfully\.
|
||||
#
|
||||
(\S+ )+was skipped because no trigger condition checks were met\.
|
||||
(\S+ )+was skipped because of an unmet condition check \([^)]+\)\.
|
||||
File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
|
||||
#
|
||||
@ -713,13 +729,25 @@ in
|
||||
Created slice User Application Slice\.
|
||||
Queued start job for default target Main User Target\.
|
||||
pam_unix\(systemd-user:session\): session opened for user root\(uid=0\) by \(uid=0\)
|
||||
pam_unix\(systemd-user:session\): session closed for user root
|
||||
pam_unix\(systemd-user:session\): session closed for user (root|yoda)
|
||||
Reexecuting requested from client PID [0-9]+ \('systemctl'\)\.\.\.
|
||||
Reexecuting\.
|
||||
Run \S+ was skipped because of an unmet condition check \([^)]+\)\.
|
||||
Run (\S+ )+was skipped because of an unmet condition check \([^)]+\)\.
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = /user@(0|1000)\\.service/";
|
||||
}
|
||||
{
|
||||
filters = ''
|
||||
flapped down
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = smtpd-key.service";
|
||||
}
|
||||
{
|
||||
filters = ''
|
||||
flapped down
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = netcup-dns-95191.json-key.service";
|
||||
}
|
||||
{ # yodaTux
|
||||
filters = ''
|
||||
Acquired the name org\.freedesktop\.PolicyKit1 on the system bus
|
||||
@ -731,6 +759,7 @@ in
|
||||
Registered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+ \[/run/current-system/sw/bin/pkttyagent --notify-fd 5 --fallback\], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\)
|
||||
Operator of unix-process:[0-9]+:[0-9]+ successfully authenticated as unix-user:yoda to gain ONE-SHOT authorization for action org\.freedesktop\.systemd1\.manage-units for system-bus-name::[0-9\.]+ \[systemctl start journalwatch\.service\] \(owned by unix-user:yoda\)
|
||||
Unregistered Authentication Agent for unix-process:[0-9]+:[0-9]+ \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\)
|
||||
Unregistered Authentication Agent for unix-process:unknown \(system bus name :[0-9\.]+, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8\) \(disconnected from bus\)
|
||||
'';
|
||||
match = "_SYSTEMD_UNIT = polkit.service";
|
||||
}
|
||||
@ -817,7 +846,7 @@ in
|
||||
{
|
||||
filters = (''
|
||||
# Somebody evil iterating through different ports
|
||||
refused connection: IN=\S+ OUT= MAC=\S+ SRC=\S+ DST=\S+ LEN=\S+ TC=[0-9]+ HOPLIMIT=[0-9]+ FLOWLBL=[0-9]+ PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x00 SYN URGP=0\s+
|
||||
refused connection: IN=\S+ OUT= MAC=\S+ SRC=\S+ DST=\S+ LEN=\S+ .+ PROTO=TCP SPT=[0-9]+ DPT=[0-9]+ WINDOW=[0-9]+ RES=0x00 SYN URGP=0\s+
|
||||
# Ignore.
|
||||
systemd\[[0-9]\]: memfd_create\(\) called without MFD_EXEC or MFD_NOEXEC_SEAL set
|
||||
# Ignore.
|
||||
|
Loading…
Reference in New Issue
Block a user