sheppy/logstash-verify
1
0
Fork 0
mirror of https://github.com/FAUSheppy/logstash-verify synced 2025-12-06 06:31:37 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
master
logstash-verify/pipe/base.yml

17 lines
553 B
YAML
Raw Permalink Blame History

filter {
if [type] == "syslog" {
grok {
match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
remove_field => ["message"]
}
date {
match => [ "syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
target => "@timestamp"
remove_field => ["syslog_timestamp"]
}
mutate {
remove_field => ["host"]
}
}
}
Reference in New Issue View Git Blame Copy Permalink