diff options
author | David Sommerseth <dazo@users.sourceforge.net> | 2013-12-26 17:37:01 +0100 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2013-12-26 17:41:34 +0100 |
commit | 3b96eeb9a932b55c9ef13f5a9649c30bde86ac14 (patch) | |
tree | a2357e867a70cc6bb7ad8c4f3154e832b2a094cc /docs/source/configuration.rst | |
parent | 1e97c1c6537724fc3f4866da06b1e380471c1c06 (diff) | |
download | logactio-3b96eeb9a932b55c9ef13f5a9649c30bde86ac14.tar.gz logactio-3b96eeb9a932b55c9ef13f5a9649c30bde86ac14.tar.xz logactio-3b96eeb9a932b55c9ef13f5a9649c30bde86ac14.zip |
Added a new threshold parameter: threshold-type
This can be set to either 'rule' or 'exact'. If not defined,
it defaults to 'rule' which is exactly the same as before.
In 'rule' mode, the threshould counter is increased each time
the regular expression triggers a match.
By switching to 'exact', it will be defined a threshold counter
based on the conntents of the regex groups when a match is found.
This gives a more fine grained threshold counter, which can be
used for example for blocking specific IP addresses after a
certain number of failed attempts is caught.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'docs/source/configuration.rst')
-rw-r--r-- | docs/source/configuration.rst | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/docs/source/configuration.rst b/docs/source/configuration.rst index 9ee3cb3..6353142 100644 --- a/docs/source/configuration.rst +++ b/docs/source/configuration.rst @@ -1,4 +1,4 @@ -.. Copyright 2012 David Sommerseth <dazo@users.sourceforge.net> +.. Copyright 2012 - 2013 David Sommerseth <dazo@users.sourceforge.net> This is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -330,6 +330,15 @@ A Rules section consists of two required configuration variables: This sets how many times this event should match before triggering the reporter. +* threshold-type: + + This defines how the threshold counter works. By default, it is set to + *rule*. This will increase the "hit counter" each time this watch rule + is triggered. By setting the *threshold-type* parameter to *exact* it + will also consider the regex groups defined in the *regex* parameter. + When using the *exact* type, it will have individual threshold counters + per group contents for each time this rule is triggered. + The optional settings are: * reporters |