New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ENH: filter for Tine 2.0 #583
Conversation
Thanks Lars, few things: does a wrong user and wrong password log identical messages? Can you try to do a stronger regex (see https://github.com/fail2ban/fail2ban/blob/master/FILTERS for why)? Is there some documentation that describes the format of at least the first few fields of the logs? Can you give yourself credit in the THANKS document? Due to its logs being in UTC format I may just merge this into the 0.9 branch (which is able to parse and understand timezones correctly) without every user having very different findtimes as a kludgy workaround.. Much appreciate your contribution. |
ping, probably looking at doing a 0.9 release next week. If you don't have much time can you tell me if usernames can contain spaces? And does a wrong user and wrong password log identical messages? (if not logs for both would be appreciated). And I can do the rest. |
Thanks for the ping! Wrong user logs this line: Wrong password logs this line: Only the status -1 or -3 is different. The source code of the Tine 2.0 logger class can be found here: http://git.tine20.org/git?p=tine20;a=blob;f=tine20/Tinebase/Log/Formatter.php;h=ccfd4442bb537dea11ffa91d8d4b8cdf53bc498a;hb=HEAD 5 chars request id [SPACE][SPACE] Usernames can contain spaces. I would really appreciate if could take over, as I will be very busy this week and it would be great if this change can delivered with the 0.9 release. Thanks! |
beautiful. Thanks for the links and answers. Will take over and get this included before release. Have a great week, even if a bit busy, and I'll let you know when its done. |
Ok. moved to #593. If you have two more log samples with logdifftime or logruntime enable and both enabled that would be good too. |
closed per #593. Still would like log samples with logdifftime/logruntime enabled. |
This change adds the needed rules for the Tine 2.0 log file.