From: Daniel A. <co...@da...> - 2018-08-02 11:07:01

On Thu, Aug 2, 2018, at 12:46, Frank Steiner wrote:
> Daniel Aleksandersen wrote:
> > How are you feeding logs to SSHGuard? Could you share your configuration?
>
> I just added these two lines at the end of /etc/sshguard.conf that came
> with sshguard-2.2.0:
>
> BACKEND="/usr/sbin/mysshguard"
> FILES="/var/log/messages"
>
> and left the config as is otherwise. opensuse collects everything in
> /var/log/messages, so we need to work on that file.

OpenSUSE uses the systemd journal, doesn’t it? Try replacing the messages file with a LOGREADER instead (this is from SSHGuard’s example conf):

LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -o cat"

You can add multiple -t arguments to pull in multiple log identifiers.

Some docs:
https://doc.opensuse.org/documentation/leap/reference/html/book.opensuse.reference/cha.journalctl.html
https://www.freedesktop.org/software/systemd/man/journalctl.html

Regards,
--
Daniel Aleksandersen
https://www.daniel.priv.no/