From e0d637cbf81e2b965e49198c74cdf58c2c469fe4 Mon Sep 17 00:00:00 2001
From: Daniel Langbein <daniel@systemli.org>
Date: Tue, 3 Oct 2023 18:51:34 +0200
Subject: [PATCH] journalwatch config

---
 modules/journalwatch.nix | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/modules/journalwatch.nix b/modules/journalwatch.nix
index 2489f19..1e357a8 100644
--- a/modules/journalwatch.nix
+++ b/modules/journalwatch.nix
@@ -222,20 +222,6 @@
         '';
         match = "_SYSTEMD_UNIT = systemd-udevd.service";
       }
-      { # yodaYoga
-        filters = ''
-          # Somebody evil ...
-          error: kex_exchange_identification: banner line contains invalid characters
-          # error: kex_exchange_identification: client sent invalid protocol identifier "MGLNDD_188.194.209.73_2222"
-          # error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1"
-          error: kex_exchange_identification: client sent invalid protocol identifier "[^"]+"
-          error: kex_exchange_identification: Connection closed by remote host
-          error: kex_exchange_identification: read: Connection reset by peer
-          error: PAM: Authentication failure for \S+ from \S+
-          fatal: Timeout before authentication for \S+ port [0-9]+
-        '';
-        match = "_SYSTEMD_UNIT = sshd.service";
-      }
       { # yodaTux, yodaYoga
         filters = ''
           The system will suspend now!
@@ -291,6 +277,20 @@
       # SYSLOG_IDENTIFIER
       #
 
+      { # yodaYoga, yodaNas
+        filters = ''
+          # Somebody evil ...
+          error: kex_exchange_identification: banner line contains invalid characters
+          # error: kex_exchange_identification: client sent invalid protocol identifier "MGLNDD_188.194.209.73_2222"
+          # error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1"
+          error: kex_exchange_identification: client sent invalid protocol identifier "[^"]+"
+          error: kex_exchange_identification: Connection closed by remote host
+          error: kex_exchange_identification: read: Connection reset by peer
+          error: PAM: Authentication failure for \S+ from \S+
+          fatal: Timeout before authentication for \S+ port [0-9]+
+        '';
+        match = "SYSLOG_IDENTIFIER = sshd";
+      }
       { # yodaTux. If the user `yoda` runs a command with `sudo`.
         filters = ''
           \s+yoda : TTY=pts/[0-9] ; PWD=/\S+ ; USER=root ; COMMAND=/.+