Adjust TIMESTAMP_ISO8601 for Mac OS X 10.12 'log stream --style syslog' timestamp format
Daniel Luke
Branch: Deleted repository:master
Branch: sshguard/sshguard:master
Declined
Declined pull request
Committed in 5c40dac, thanks! In the future, please keep the first line of the commit message less than 72 characters and rebase against master so merging the pull request is just a fast-forward.
Closed by: Kevin Zheng·2016-10-10
Mac OS X 10.12 has new logging. The output from 'log stream --style syslog' almost works with sshguard, but the timestamp as a ' ' where sshguard is expecting a 'T'. This small patch to attack_scanner.l works for me with the 1.7.0 release.
Example log:
2016-10-10 11:48:23.818495-0400 localhost sshd[33170]: error: PAM: authentication error for illegal user foo from 2606:5580:311:fff8:7995:15bf:e297:c6b5