revert: undo service badge filter, parser normalization, and SSH relay

Reverts commits 8c249f6, a6c7cfd, 7ff5703. The SSH log relay approach requires container redeployment and doesn't retroactively fix existing attacker profiles. Rolling back to reassess the approach.
2026-04-14 02:14:46 -04:00
parent 7ff5703250
commit df3f04c10e
8 changed files with 4 additions and 254 deletions
--- a/templates/ssh/entrypoint.sh
+++ b/templates/ssh/entrypoint.sh
@@ -34,8 +34,8 @@ fi
 # Logging pipeline: named pipe → rsyslogd (RFC 5424) → stdout → Docker log capture
 mkfifo /var/run/decnet-logs

-# Relay pipe through Python log_relay — normalizes sshd/bash events to DECNET format
-python3 /opt/log_relay.py &
+# Relay pipe to stdout so Docker captures all syslog events
+cat /var/run/decnet-logs &

 # Start rsyslog (reads /etc/rsyslog.d/99-decnet.conf, writes to the pipe above)
 rsyslogd