From dbf849edbd1ef393510f42d3b37fff1105b33ed4 Mon Sep 17 00:00:00 2001 From: Andrew <a@3ilson.com> Date: Tue, 10 Sep 2019 09:08:55 -0400 Subject: [PATCH] Update 11-pf.conf Referenced OPENVPN grok pattern (compliments from swedismike). --- 11-pf.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/11-pf.conf b/11-pf.conf index fc61eb5..e4675ac 100644 --- a/11-pf.conf +++ b/11-pf.conf @@ -61,6 +61,7 @@ filter { if [prog] =~ /^openvpn/ { mutate { add_tag => [ "openvpn" ] + match => [ "message", "%{OPENVPN}" } } if [prog] =~ /^ntpd/ { -- GitLab