SHOW:
|
|
- or go back to the newest paste.
1 | input { | |
2 | # relp { | |
3 | # type => "relp" | |
4 | # port => 2514 | |
5 | # } | |
6 | syslog { | |
7 | type => "syslog" | |
8 | port => 514 | |
9 | } | |
10 | } | |
11 | ||
12 | - | # From http://cookbook.logstash.net/recipes/syslog-pri/ |
12 | + | |
13 | - | filter { |
13 | + | |
14 | - | grok { |
14 | + | |
15 | - | type => "syslog" |
15 | + | |
16 | - | pattern => [ "<%{POSINT:syslog_pri}>%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{PROG:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" ] |
16 | + | |
17 | - | add_field => [ "received_at", "%{@timestamp}" ] |
17 | + |