#21 patch for issue 3413745 (kernel timestamps)

open
nobody
None
5
2011-09-25
2011-09-25
Adam Spiers
No

See: https://sourceforge.net/tracker/?func=detail&aid=3413745&group_id=121032&atid=689044

On Fedora 15, some of my syslog messages contain kernel timestamps, such as:

Sep 25 12:51:01 myhost kernel: [773577.436184] sshd[25551]: Invalid user pgsql from 91.203.223.206
Sep 25 13:01:01 myhost kernel: [774178.096112] run-parts(/etc/cron.hourly)[26252]: finished mcelog.cron

The definition of __prefix_line in filter.d/common.conf fails to recognise these. Patch attached but also available here:

https://github.com/aspiers/Fail2Ban/commit/bdbb36434647a7c34b084ff7bf4f8ab31f846d3e

Discussion