Private GIT

Skip to content
Snippets Groups Projects
Unverified Commit 94006518 authored by Andrew's avatar Andrew Committed by GitHub
Browse files

Update 15-others.conf

parent 81a0780b
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 3 additions and 3 deletions
conf.d/15-others.conf
+ 3
3
View file @ 94006518
...@@ -7,7 +7,7 @@ filter { ...@@ -7,7 +7,7 @@ filter {
} }
grok { grok {
patterns_dir => ["/etc/logstash/conf.d/patterns"] patterns_dir => ["/etc/logstash/conf.d/patterns"]
match => [ "message", "%{DHCPD}"] match => [ "syslog_message", "%{DHCPD}"]
} }
} }
if [syslog_program] =~ /^charon$/ { if [syslog_program] =~ /^charon$/ {
...@@ -26,7 +26,7 @@ filter { ...@@ -26,7 +26,7 @@ filter {
} }
grok { grok {
patterns_dir => ["/etc/logstash/conf.d/patterns"] patterns_dir => ["/etc/logstash/conf.d/patterns"]
match => [ "message", "%{OPENVPN}"] match => [ "syslog_message", "%{OPENVPN}"]
} }
} }
if [syslog_program] =~ /^ntpd/ { if [syslog_program] =~ /^ntpd/ {
...@@ -40,7 +40,7 @@ filter { ...@@ -40,7 +40,7 @@ filter {
} }
grok { grok {
patterns_dir => ["/etc/logstash/conf.d/patterns"] patterns_dir => ["/etc/logstash/conf.d/patterns"]
match => [ "message", "%{PF_APP}%{PF_APP_DATA}"] match => [ "syslog_message", "%{PF_APP}%{PF_APP_DATA}"]
} }
mutate { mutate {
lowercase => [ 'pf_ACTION' ] lowercase => [ 'pf_ACTION' ]
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Another place to be (or not)