API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 12th, 2016
772
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 24.22 KB | None | 0 0
raw download clone embed print report
  1. {:timestamp=>"2016-02-12T16:17:24.890000-0500", :
  2. message=>"Failed action. ", :status=>400, :action=>["index", {:_id=>nil, :_index=>"logstash-2016.02.12", :_type=>"utm",
  3. :_routing=>nil}, #<LogStash::Event:0x52868ccd @metadata_accessors=#<LogStash::Util::Accessors:0x341c097f
  4. @store={"path"=>"/var/log/network.log"}, @lut={"[path]"=>[{"path"=>"/var/log/network.log"}, "path"]}>,
  5. @cancelled=false,
  6. @data={"@version"=>"1",
  7. "@timestamp"=>"2016-02-12T21:17:23.000Z",
  8. "host"=>"localhost",
  9. "path"=>"/var/log/network.log",
  10. "type"=>"utm",
  11. "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}},
  12. @metadata={"path"=>"/var/log/network.log"},
  13. @accessors=#<LogStash::Util::Accessors:0x2d6ef408
  14. @store={"@version"=>"1",
  15. "@timestamp"=>"2016-02-12T21:17:23.000Z",
  16. "host"=>"localhost",
  17. "path"=>"/var/log/network.log",
  18. "type"=>"utm",
  19. "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}},
  20. @lut={"host"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "host"], "path"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "path"], "type"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "type"], "message"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "message"], "logtimestamp"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "logtimestamp"], "kv"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "kv"], "@timestamp"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "@timestamp"], "dstip"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "dstip"], "geoip"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm", "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}}, "geoip"], "[type]"=>[{"@version"=>"1", "@timestamp"=>"2016-02-12T21:17:23.000Z", "host"=>"localhost", "path"=>"/var/log/network.log", "type"=>"utm",
  21. "kv"=>"chrgftg.chrg.reg03.rtss.qc.ca date=2016-02-12 time=16:17:30 devname=FG-200D-SLAVE devid=FG200D3915800916 logid=1059028705 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=warning vd=\"root\" appid=16009 user=\"GIGN1027\" group=\"G_Internet_Web_FTP\" srcip=10.24.236.118 srcport=49254 srcintf=\"port1\" dstip=184.84.243.224 dstport=80 dstintf=\"wan1\" proto=6 service=\"HTTP\" policyid=514 sessionid=32955936 applist=\"APP-default\" appcat=\"Update\" app=\"MS.Windows.Update\" action=block hostname=\"ctldl.windowsupdate.com\" url=\"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00\" msg=\"Update: MS.Windows.Update,\" apprisk=elevated", "date"=>"2016-02-12", "time"=>"16:17:30", "devname"=>"FG-200D-SLAVE", "devid"=>"FG200D3915800916", "logid"=>"1059028705", "subtype"=>"app-ctrl", "eventtype"=>"app-ctrl-all", "level"=>"warning", "vd"=>"root", "appid"=>"16009", "user"=>"GIGN1027", "group"=>"G_Internet_Web_FTP", "srcip"=>"10.24.236.118", "srcport"=>"49254", "srcintf"=>"port1", "dstip"=>"184.84.243.224", "dstport"=>"80", "dstintf"=>"wan1", "proto"=>"6", "service"=>"HTTP", "policyid"=>"514", "sessionid"=>"32955936", "applist"=>"APP-default", "appcat"=>"Update", "app"=>"MS.Windows.Update", "action"=>"block", "hostname"=>"ctldl.windowsupdate.com", "url"=>"/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c9eb911b718d9f00", "msg"=>"Update: MS.Windows.Update,", "apprisk"=>"elevated", "geoip"=>{"ip"=>"184.84.243.224", "country_code2"=>"US", "country_code3"=>"USA", "country_name"=>"United States", "continent_code"=>"NA", "region_name"=>"MA", "city_name"=>"Cambridge", "postal_code"=>"02142", "latitude"=>42.362599999999986, "longitude"=>-71.0843, "dma_code"=>506, "area_code"=>617, "timezone"=>"America/New_York", "real_region_name"=>"Massachusetts", "location"=>[-71.0843, 42.362599999999986]}},
  22. "type"]}>>], :response=>{"create"=>{"_index"=>"logstash-2016.02.12", "_type"=>"utm", "_id"=>"AVLXWHW2u6qHm0HnPZyp",
  23. "status"=>400, "error"=>{"type"=>"mapper_parsing_exception", "reason"=>"failed to parse [srcip]", "caused_by"=>{"type"=>"number_format_exception", "reason"=>"For input string: \"10.24.236.118\""}}}}, :level=>:warn}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!