journalwatch config

modules/journalwatch.nix

@@ -36,7 +36,7 @@
     mailTo = "daniel+journalwatch@systemli.org";
     #interval = "hourly";
 
-    # Lowest priority of message to be considered. A value between 7 (“debug”), and 0 (“emerg”). Defaults to 6 (“info”). If you don’t care about anything with “info” priority, you can reduce this to e.g. 5 (“notice”) to considerably reduce the amount of messages without needing many filterBlocks.
+    # Lowest priority of message to be considered. A value between 7 (“debug”), and 0 (“emerg”). Defaults to 6 (“info”). If you don't care about anything with “info” priority, you can reduce this to e.g. 5 (“notice”) to considerably reduce the amount of messages without needing many filterBlocks.
     priority = 5;
 
     # Default patterns: https://github.com/The-Compiler/journalwatch/blob/363725ac4b8aa841d87654fa8a63403a59ad1275/journalwatch.py#L71
@@ -45,13 +45,25 @@
     # All regular expressions have to match the full string!
     filterBlocks = [
 
+      #
+      # _EXE
+      #
+
+      { # yodaNas
+        filters = ''
+          # Ignore any invocation of sudo.
+          .*
+        '';
+        match = "_EXE = //nix/store/[a-z0-9]+-sudo-[0-9]+.[0-9]+.[0-9]+[a-z0-9]+/bin/sudo/";
+      }
+
       #
       # _SYSTEMD_CGROUP
       #
 
       { # yodaYoga
         filters = ''
-         parent not found! continent_id [0-9]+
+          parent not found! continent_id [0-9]+
         '';
         match = "_SYSTEMD_CGROUP = /system.slice/docker.service";
       }
@@ -62,7 +74,7 @@
 
       { # yodaYoga
         filters = ''
-        [BABEL] Note: The code generator has deoptimised the styling of \S+ as it exceeds the max of 500KB\.
+          [BABEL] Note: The code generator has deoptimised the styling of \S+ as it exceeds the max of 500KB\.
         '';
         match = "IMAGE_NAME = /biketripplanner/digitransit-ui:\S+/";
       }
@@ -73,26 +85,27 @@
 
       { # yodaTux
         filters = ''
-         .*
+          .*
         '';
         match = "_SYSTEMD_UNIT = /(bluetooth\.service|cups\.service)/";
       }
       { # yodaYoga
         filters = ''
-         # Somebody evil trying to connect over SSH ^^
+          # Somebody evil trying to connect over SSH ^^
-         error: kex_exchange_identification: read: Connection reset by peer
+          error: kex_exchange_identification: read: Connection reset by peer
-         # Somebody evil connected with a non-SSH client to the SSH server.
+          # Somebody evil connected with a non-SSH client to the SSH server.
-         error: kex_exchange_identification: banner line contains invalid characters
+          error: kex_exchange_identification: banner line contains invalid characters
-         # Somebody evil ...
+          # Somebody evil ...
-         error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1"
+          error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1"
-         error: kex_exchange_identification: Connection closed by remote host
+          error: kex_exchange_identification: Connection closed by remote host
-         error: PAM: Authentication failure for \S+ from \S+
+          error: PAM: Authentication failure for \S+ from \S+
         '';
         match = "_SYSTEMD_UNIT = sshd.service";
       }
       { # yodaTux, yodaYoga
         filters = ''
           The system will suspend now!
+          The system will power off now!
           System is powering down\.
         '';
         match = "_SYSTEMD_UNIT = systemd-logind.service";
@@ -158,7 +171,8 @@
       }
       { # yodaYoga
         filters = ''
-          \S+.(service|scope): Consumed [0-9]+h [0-9]+min [0-9]+\.[0-9]+s CPU time, read [0-9]+\.[0-9]+M from disk, written [0-9]+\.[0-9]+G to disk, received [0-9]+\.[0-9]+M IP traffic, sent [0-9]+\.[0-9]+M IP traffic\.
+          \S+.(service|scope): Consumed .+ CPU time, read .+ from disk, written .+ to disk.+
+          \S+.(service|scope): Consumed .+ CPU time, received .+ IP traffic, sent .+ IP traffic\.
           #
           Shutting down\.
         '';
@@ -184,17 +198,29 @@
           iwlwifi 0000:01:00\.0: api flags index 2 larger than supported by driver
           # Ignore.
           random: crng reseeded on system resumption
+          random: crng init done
           # Ignore.
-          sd 2:0:0:0: [sda] [0-9]+ 512-byte logical blocks: \([0-9]+ GB/[0-9]+ GiB\)
+          sd [0-9]:0:0:0: [sda] [0-9]+ 512-byte logical blocks: \([0-9]+ GB/[0-9]+ GiB\)
-          sd 2:0:0:0: [sda] Write Protect is off
+          sd [0-9]:0:0:0: [sda] Write Protect is off
-          sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
+          sd [0-9]:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
-          sd 2:0:0:0: [sda] Optimal transfer size [0-9]+ bytes not a multiple of preferred minimum block size (4096 bytes)
+          sd [0-9]:0:0:0: [sda] Optimal transfer size [0-9]+ bytes not a multiple of preferred minimum block size (4096 bytes)
-          sd 2:0:0:0: [sda] Attached SCSI disk
+          sd [0-9]:0:0:0: [sda] Attached SCSI disk
           #
           # YodaTab
           #
           # Ignore.
           mmc0: cannot verify signal voltage switch
+          Initialise system trusted keyrings
+          Key type asymmetric registered
+          Asymmetric key parser 'x509' registered
+          Loading compiled-in X.509 certificates
+          Key type \.fscrypt registered
+          Key type fscrypt-provisioning registered
+          Key type encrypted registered
+          Bridge firewalling registered
+          SCSI subsystem initialized
+          scsi 0:0:0:0: Direct-Access\s+ATA\s+SanDisk SD7TB6S2 1201 PQ: 0 ANSI: 5
+          thinkpad_acpi: Disabling thinkpad-acpi brightness events by default\.\.\.
           #
           done\.
         '';