Page 1 of 1

Regex help needed

Posted: 30 Jan 2021, 17:34
by dev2
Hello,

I am having trouble with this. Please can someone help me with the custom Regex. I tried to whitelist user in pignore, but not working. Basically I dont want these suspicious file notices as they are false positive, so I need a regex or to know how to whitelist this user:

/tmp/systemd-private-257766520e5e42ec9e011ea44adf928e-elasticsearch.service-O9VmgI/tmp/elasticsearch-16350742201187653773/jna15603940895482760187.tmp


File: /tmp/systemd-private-257766520e5e42ec9e011ea44adf928e-elasticsearch.service-O9VmgI/tmp/elasticsearch-16350742201187653773/jna15603940895482760187.tmp
Reason: Linux Binary
Owner: elasticsearch:elasticsearch (992:985)
Action: No action taken

Thanks very much
Jerry