View difference between Paste ID: vAgyiEuD and K6yqGqse
SHOW: | | - or go back to the newest paste.
1
input {
2
#  relp {
3
#    type => "relp"
4
#    port => 2514
5
#  }
6
  syslog {
7
    type => "syslog"
8
    port => 514
9
  }
10
}
11
12-
# From http://cookbook.logstash.net/recipes/syslog-pri/
12+
13-
filter {
13+
14-
  grok {
14+
15-
      type => "syslog"
15+
16-
      pattern => [ "<%{POSINT:syslog_pri}>%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{PROG:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" ]
16+
17-
      add_field => [ "received_at", "%{@timestamp}" ]
17+