chg: [sshd] modify parser to accept any characters in hostname and username

gallypette · gallypette · commit 3818bdab6bcc · 2020-01-27T15:34:54.000+01:00
diff --git a/logparser/parser_test.go b/logparser/parser_test.go
@@ -18,7 +18,7 @@ var expected = map[int]map[string]string{
 	},
 	1: map[string]string{
 		"date":     "Jan 22 11:37:19",
-		"host":     "sigmund",
+		"host":     "si.mund",
 		"username": "gestion",
 		"src":      "159.89.153.54",
 	},
@@ -37,7 +37,7 @@ var expected = map[int]map[string]string{
 	4: map[string]string{
 		"date":     "Jan 22 11:29:16",
 		"host":     "sigmund",
-		"username": "admin",
+		"username": "a.min",
 		"src":      "185.56.8.191",
 	},
 }
@@ -53,7 +53,7 @@ func TestSshdParser(t *testing.T) {
 	scanner := bufio.NewScanner(f)
 	c := 0
 	for scanner.Scan() {
-		re := regexp.MustCompile(`^(?P<date>[[:alpha:]]{3}\s\d{2}\s\d{2}:\d{2}:\d{2}) (?P<host>[[:word:]]+) sshd\[[[:alnum:]]+\]: Invalid user (?P<username>[[:word:]]+) from (?P<src>.*$)`)
+		re := regexp.MustCompile(`^(?P<date>[[:alpha:]]{3}\s\d{2}\s\d{2}:\d{2}:\d{2}) (?P<host>[^ ]+) sshd\[[[:alnum:]]+\]: Invalid user (?P<username>[^ ]+) from (?P<src>.*$)`)
 		n1 := re.SubexpNames()
 		r2 := re.FindAllStringSubmatch(scanner.Text(), -1)[0]
 
diff --git a/logparser/test.log b/logparser/test.log
@@ -1,5 +1,5 @@
 Jan 22 11:59:37 sigmund sshd[26514]: Invalid user git from 106.12.14.144
-Jan 22 11:37:19 sigmund sshd[26143]: Invalid user gestion from 159.89.153.54
+Jan 22 11:37:19 si.mund sshd[26143]: Invalid user gestion from 159.89.153.54
 Jan 22 11:34:46 sigmund sshd[26125]: Invalid user atpco from 177.152.124.21
 Jan 22 11:33:07 sigmund sshd[26109]: Invalid user ki from 49.233.183.158
-Jan 22 11:29:16 sigmund sshd[26091]: Invalid user admin from 185.56.8.191
+Jan 22 11:29:16 sigmund sshd[26091]: Invalid user a.min from 185.56.8.191
