DrZl0

Logstash - Suricata fast.log

Sep 11th, 2020 (edited)
# This one-liner parses Suricata's fast.log

%{GREEDYDATA:timestamp}   ?\[?\*?\*?\] ?\[%{INT}:%{INT}:%{INT}?\] %{WORD} %{WORD} %{GREEDYDATA:signature}  ?\[?\*?\*?\] ?\[%{WORD}: %{GREEDYDATA:classification}?\] ?\[%{WORD}: %{INT:priority}?\] ?\{%{WORD:protocol}?\} %{IP:ip.source}:%{INT:port.source} -> %{IP:ip.dst}:%{INT:port.dst}
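
Added example (not part of the original paste): a Python check of which fields the pattern above captures, run on constructed fast.log lines. It assumes simplified regex stand-ins for the grok macros (IP is IPv4 only) and writes the dotted field names with underscores, because Python group names cannot contain dots.

```python
import re

# Simplified stand-ins for the Logstash grok macros used by the pattern.
# Assumption: IP is reduced to dotted IPv4; the real grok IP also covers IPv6.
GROK_MACROS = {
    "GREEDYDATA": r".*",
    "INT": r"[+-]?[0-9]+",
    "WORD": r"\b\w+\b",
    "IP": r"(?:\d{1,3}\.){3}\d{1,3}",
}

# The pattern from the paste, unchanged (split only to keep lines short).
FAST_LOG_GROK = (
    r"%{GREEDYDATA:timestamp}   ?\[?\*?\*?\] ?\[%{INT}:%{INT}:%{INT}?\] "
    r"%{WORD} %{WORD} %{GREEDYDATA:signature}  ?\[?\*?\*?\] "
    r"?\[%{WORD}: %{GREEDYDATA:classification}?\] ?\[%{WORD}: %{INT:priority}?\] "
    r"?\{%{WORD:protocol}?\} %{IP:ip.source}:%{INT:port.source} -> "
    r"%{IP:ip.dst}:%{INT:port.dst}"
)

def grok_to_regex(pattern):
    """Expand %{MACRO} and %{MACRO:field} into a compiled Python regex."""
    def expand(m):
        body = GROK_MACROS[m.group(1)]
        if m.group(2):
            # ip.source -> ip_source, port.dst -> port_dst, and so on.
            return "(?P<%s>%s)" % (m.group(2).replace(".", "_"), body)
        return "(?:%s)" % body
    return re.compile(re.sub(r"%\{(\w+)(?::([\w.]+))?\}", expand, pattern))

FAST_LOG_RE = grok_to_regex(FAST_LOG_GROK)

def parse_fast_log(line):
    """Return captured fields, or None (Logstash would tag _grokparsefailure)."""
    m = FAST_LOG_RE.search(line)  # grok matches are unanchored, like search()
    return m.groupdict() if m else None

# Constructed sample lines in fast.log layout (documentation IP ranges).
SAMPLE_OK = ("09/11/2020-10:15:42.123456  [**] [1:1000002:1] ET SCAN Constructed "
             "inbound probe to port 1433 [**] [Classification: Potentially Bad "
             "Traffic] [Priority: 2] {TCP} 203.0.113.7:51234 -> 192.0.2.10:1433")
SAMPLE_SHORT_MSG = ("09/11/2020-10:16:01.000001  [**] [1:1000001:1] Test rule [**] "
                    "[Classification: Misc activity] [Priority: 3] {UDP} "
                    "198.51.100.4:5353 -> 192.0.2.53:53")

if __name__ == "__main__":
    print(parse_fast_log(SAMPLE_OK))
    print(parse_fast_log(SAMPLE_SHORT_MSG))
```

The two unnamed %{WORD} tokens consume the first two words of the rule message, so they are missing from the signature field. A rule message of only two words does not match at all.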