adguardhome-logs Configuration

« adguardhome-logs »
v0.3 by LePresidente
Log parser

Parse adguardhome logs

Installation

cscli parsers install LePresidente/adguardhome-logs

Description

Parser for AdGuardHome Logs.

---
filenames:
 - /var/log/AdGuardHome.log
labels:
  type: adguardhome

---
source: docker
container_name:
 - AdGuardHome
#container_id:
# - 843ee92d231b
labels:
  type: adguardhome

YAML Configuration

1onsuccess: next_stage
2#debug: false
3name: LePresidente/adguardhome-logs
4description: "Parse adguardhome logs"
5filter: "evt.Parsed.program == 'adguardhome'"
6nodes:
7  - grok:
8      pattern: '%{DATE_X:date} %{TIME:time}.* POST %{HOSTNAME} /control/login: from ip %{IP:source_ip}: invalid username or password$'
9      apply_on: message
10      statics:
11        - meta: log_type
12          value: adguardhome_failed_auth
13  - grok:
14      pattern: '%{DATE_X:date} %{TIME:time}.* POST %{IP:source_ip} /control/login: invalid username or password$'
15      apply_on: message
16      statics:
17        - meta: log_type
18          value: adguardhome_failed_auth
19
20
21statics:
22    - meta: service
23      value: adguardhome
24    - meta: source_ip
25      expression: "evt.Parsed.source_ip"
26    - target: evt.StrTime
27      expression: "evt.Parsed.date + ' ' + evt.Parsed.time"

Hub configuration

« adguardhome-logs »v0.3 by LePresidenteLog parser

« adguardhome-logs »
v0.3 by LePresidente
Log parser