Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "nginx.access.user_name" => "-",
- "nginx.access.response_code" => "200",
- "nginx.access.domain" => "website.company.com",
- "source" => "/var/log/nginx/access.log",
- "type" => "nginx-access",
- "nginx.access.url" => "/wp-login.php?redirect_to=https%3A%2F%2Fwebsite.company.com%3A443%2F",
- "nginx.access.method" => "GET",
- "beattype" => "doc",
- "nginx.access.time" => "14/Dec/2017:23:05:15 +0700",
- "@version" => "1",
- "beat" => {
- "name" => "web09-srv.company.com",
- "hostname" => "web09-srv.company.com",
- "version" => "6.0.1"
- },
- "host" => "web09-srv.company.com",
- "nginx.access.body_sent.bytes" => "12791",
- "user_agent" => {
- "name" => "Other",
- "os_name" => "Windows",
- "os" => "Windows",
- "device" => "Other",
- "build" => ""
- },
- "nginx.access.http_version" => "1.1",
- "geoip" => {},
- "offset" => 6701653,
- "beatname" => "fb-fim-websites",
- "prospector" => {
- "type" => "log"
- },
- "nginx.access.agent" => "\"Mozilla/5.0 (compatible; PRTG Network Monitor (www.paessler.com); Windows)\"",
- "nginx.access.http_forwarder" => "-",
- "message" => "10.65.97.51 - - [14/Dec/2017:23:05:15 +0700] \"website.company.com\" \"GET /wp-login.php?redirect_to=https%3A%2F%2Fwebsite.company.com%3A443%2F HTTP/1.1\" 200 12791 \"-\" \"Mozilla/5.0 (compatible; PRTG Network Monitor (www.paessler.com); Windows)\" \"-\"",
- "nginx.access.remote_ip" => "10.65.97.51",
- "tags" => [
- [0] "beats_input_codec_plain_applied",
- [1] "_geoip_lookup_failure"
- ],
- "nginx.access.ident" => "-",
- "@timestamp" => 2017-12-14T16:05:16.821Z
- }
- {
- "offset" => 874777,
- "beatname" => "fb-fim-websites",
- "prospector" => {
- "type" => "log"
- },
- "source" => "/var/log/secure",
- "message" => "Dec 14 23:06:18 web09-srv sshd[22761]: pam_unix(sshd:session): session opened for user monitor by (uid=0)",
- "type" => "ssh",
- "tags" => [],
- "system.auth.ssh.event" => "session opened",
- "@timestamp" => 2017-12-14T16:06:19.313Z,
- "system.auth.hostname" => "web09-srv",
- "system.auth.user.name" => "monitor",
- "beattype" => "doc",
- "@version" => "1",
- "beat" => {
- "name" => "web09-srv.company.com",
- "hostname" => "web09-srv.company.com",
- "version" => "6.0.1"
- },
- "host" => "web09-srv.company.com",
- "system.auth.timestamp" => "Dec 14 23:06:18",
- "system.auth.pid" => "22761"
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement