Private GIT

Skip to content
Snippets Groups Projects
Unverified Commit f4e95eb8 authored by Andrew's avatar Andrew Committed by GitHub
Browse files

Update 15-others.conf

parent 4dc97903
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 7 additions and 7 deletions
conf.d/15-others.conf
+ 7
7
View file @ f4e95eb8
# 15-others.conf # 15-others.conf
filter { filter {
if "pf" in [tags] { if "pf" in [tags] {
if [application] =~ /^dhcpd$/ { if [syslog_program] =~ /^dhcpd$/ {
mutate { mutate {
add_tag => [ "dhcpd" ] add_tag => [ "dhcpd" ]
} }
...@@ -10,17 +10,17 @@ filter { ...@@ -10,17 +10,17 @@ filter {
match => [ "message", "%{DHCPD}"] match => [ "message", "%{DHCPD}"]
} }
} }
if [application] =~ /^charon$/ { if [syslog_program] =~ /^charon$/ {
mutate { mutate {
add_tag => [ "ipsec" ] add_tag => [ "ipsec" ]
} }
} }
if [application] =~ /^barnyard2/ { if [syslog_program] =~ /^barnyard2/ {
mutate { mutate {
add_tag => [ "barnyard2" ] add_tag => [ "barnyard2" ]
} }
} }
if [application] =~ /^openvpn/ { if [syslog_program] =~ /^openvpn/ {
mutate { mutate {
add_tag => [ "openvpn" ] add_tag => [ "openvpn" ]
} }
...@@ -29,12 +29,12 @@ filter { ...@@ -29,12 +29,12 @@ filter {
match => [ "message", "%{OPENVPN}"] match => [ "message", "%{OPENVPN}"]
} }
} }
if [application] =~ /^ntpd/ { if [syslog_program] =~ /^ntpd/ {
mutate { mutate {
add_tag => [ "ntpd" ] add_tag => [ "ntpd" ]
} }
} }
if [application] =~ /^php-fpm/ { if [syslog_program] =~ /^php-fpm/ {
mutate { mutate {
add_tag => [ "web_portal" ] add_tag => [ "web_portal" ]
} }
...@@ -46,7 +46,7 @@ filter { ...@@ -46,7 +46,7 @@ filter {
lowercase => [ 'pf_ACTION' ] lowercase => [ 'pf_ACTION' ]
} }
} }
if [application] =~ /^apinger/ { if [syslog_program] =~ /^apinger/ {
mutate { mutate {
add_tag => [ "apinger" ] add_tag => [ "apinger" ]
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Another place to be (or not)