Hello, I'm trying to setup a stream that will email an alert whenever there is a failed ssh attempt.
Under the stream rule i have: Field: message Type: match regular expression Value: Failed password for.+ from .+ That doesn't seem to work. Any help would be appreciated. Thanks -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/948d9ca5-45de-4cf6-b47f-08a5b872692c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
