graylog - collecting Failed and Accepted logins for your SSH
博客专区 > zzimac 的博客 > 博客详情
graylog - collecting Failed and Accepted logins for your SSH
zzimac 发表于7个月前
graylog - collecting Failed and Accepted logins for your SSH
  • 发表于 7个月前
  • 阅读 6
  • 收藏 0
  • 点赞 0
  • 评论 0

新睿云服务器60天免费使用,快来体验!>>>   

You can create a stream just for an example then let us call it SSH accepted/failed

Then create a rule where you enter
field : messages
type : match regular expression
value for failed: Failed password for.+ from .+

and then create a new rule for the same stream with the value : Accepted password for.+ from .+

Then you will have a Stream there is collecting Failed and Accepted logins for your SSH

标签: graylog
  • 打赏
  • 点赞
  • 收藏
  • 分享
共有 人打赏支持
粉丝 3
博文 62
码字总数 9958
×
zzimac
如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
* 金额(元)
¥1 ¥5 ¥10 ¥20 其他金额
打赏人
留言
* 支付类型
微信扫码支付
打赏金额:
已支付成功
打赏金额: