diff --git a/hp-labrea/labrea-idea.py b/hp-labrea/labrea-idea.py
index 71cc70b10fa7f67ef6572d78eb538172aece81aa..85e3db60bc54877ef8046ec2a2ab2c96c5197f69 100755
--- a/hp-labrea/labrea-idea.py
+++ b/hp-labrea/labrea-idea.py
@@ -466,13 +466,22 @@ RE_LIST = (
     # 1493035442 Initial Connect - tarpitting: 89.163.242.15 56736 -> 195.113.254.182 9898
     # 1493037991 Inbound SYN/ACK: 185.62.190.15 21001 -> 195.113.252.222 15584
     (
-        re.compile(r'([0-9]+) ([^:]*:) ([^ ]+) ([0-9]+) -> ([^ ]+) ([0-9]+).*'),
+        re.compile(r'([0-9]+) (Initial Connect - tarpitting:|Inbound SYN/ACK:) ([^ ]+) ([0-9]+) -> ([^ ]+) ([0-9]+).*'),
         namedtuple("connect_tuple", ("timestamp", "message", "src_ip", "src_port", "tgt_ip", "tgt_port"))
     ),
     # 1493035442 Responded to a Ping: 88.86.96.25 -> 195.113.253.87 *
     (
-        re.compile(r'([0-9]+) ([^:]*:) ([^ ]+) -> ([^ ]+).*'),
+        re.compile(r'([0-9]+) (Responded to a Ping:) ([^ ]+) -> ([^ ]+).*'),
         namedtuple("ping_tuple", ("timestamp", "message", "src_ip", "tgt_ip"))
+    ),
+    # 1645797338 Capturing local IP 195.113.252.187
+    # 1645797339 Persist Activity: 45.227.253.45 64088 -> 195.113.254.67 3136 *
+    # 1645797340 Additional Activity 195.113.253.198
+    # 1645857629 Linux Persist Activity: 61.177.172.89 12241 -> 195.113.253.252 22 *
+    # 1645857629 Persist Trapping: 103.66.50.44 62229 -> 195.113.252.5 445 *
+    (
+        re.compile(r'([0-9]+) (?:Capturing local|Persist Activity:|Additional Activity|Linux Persist Activity:|Persist Trapping:).*'),
+        None
     )
 )
 
@@ -481,6 +490,8 @@ def match_event(line):
     for labrea_re, event_tuple in RE_LIST:
         match = labrea_re.match(line)
         if match:
+            if not event_tuple:
+                return None
             return event_tuple(*match.groups())
     logging.info("Unmatched line: \"%s\"" % line.replace("\n", r"\n"))
     return None
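Review bot: The address captures in the two rewritten connect/ping patterns still accept any run of non-space characters (`([^ ]+)`), so an unexpected token in that position would be copied verbatim into the src_ip/tgt_ip fields of the emitted event; now that the message prefixes are pinned, the address fields could be tightened the same way, e.g. `([0-9.]+)` if labrea only ever prints IPv4 here (every sample line in the hunk is IPv4 — confirm against real output before narrowing). The new entry whose second element is `None` is a sentinel meaning "recognised, but produce no event", which is not obvious from the tuple itself; a comment on that entry such as `# known but uninteresting lines: matched so they are not logged as unmatched, no event is produced` would save the next reader a trip to match_event. The RE_LIST tuple opens before the hunk begins.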
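Review bot: The added guard `if not event_tuple:` tests truthiness although the sentinel placed in RE_LIST is `None`; `if event_tuple is None:` states the intent exactly and cannot be tripped by some other falsy value later added to the table. With this change the function returns `None` for two distinct reasons — a recognised-but-ignored line, which is silently dropped, and an unparseable line, which is first logged — so the docstring should say so, e.g. `Return the parsed event tuple, or None for lines that are known noise or could not be parsed (the latter are logged).` The enclosing `def match_event(line):` starts outside the hunk.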