Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → haf → Grok Patterns

haf / Grok Patterns

A repository where you can develop grok patterns for logstash and other services

Programming Languages

ruby

36898 projects - #4 most used programming language

Getting Started

git clone git://github.com/haf/grok-patterns.git
cd grok-patterns
git submodule update --init
./run

When you're in the box (through the script 'run'), edit the file confs/logstash/logstash.conf to change the logstash config.

You can then do

cd /opt/logstash
bin/logstash --configtest -f /etc/logstash/conf.d
=> Configuration OK

To add patterns, add them in /etc/logstash/patterns

Testing Locally

./test groks/audit-EXECVE

References:

http://blog.jasonantman.com/2012/09/rvm-and-ruby-1-9-to-test-logstash-grok-patterns-on-fedoracentos/

About the Patterns

Audit

auditd man page

groks/auditd-EXECVE

Needs mutate filter to extract parameters

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 5

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (0) 🔗