cscli parsers install LePresidente/overseerr-logsParser for Overseerr Logs.
---
source: docker
container_name:
- overseerr
#container_id:
# - 843ee92d231b
labels:
type: overseerr1onsuccess: next_stage2#debug: false3name: LePresidente/overseerr-logs4description: "Parse Overseerr logs"5filter: "evt.Parsed.program == 'overseerr'"6pattern_syntax:7 OVERSEERR_CUSTOMUSER: "(%{EMAILADDRESS}|%{USERNAME})"8nodes:9 - grok:10 pattern: '(%{RFC3339:timestamp})?.*Failed sign-in attempt using invalid .* password.*{"ip":"::ffff:%{IP:source_ip}","email":"%{OVERSEERR_CUSTOMUSER:username}"}'11 apply_on: message12 statics:13 - meta: log_type14 value: overseerr_failed_auth15 - grok:16 pattern: '(%{RFC3339:timestamp})?.*Failed login attempt from user with incorrect.*credentials {"account":{"ip":"::ffff:%{IP:source_ip}","email":"%{OVERSEERR_CUSTOMUSER:username}","password":"__REDACTED__"}}'17 apply_on: message18 statics:19 - meta: log_type20 value: overseerr_failed_auth21 - grok:22 pattern: '(%{RFC3339:timestamp})?.*Failed sign-in attempt using invalid .* password.*{"ip":"%{IP:source_ip}","email":"%{OVERSEERR_CUSTOMUSER:username}"}'23 apply_on: message24 statics:25 - meta: log_type26 value: overseerr_failed_auth27 - grok:28 pattern: '(%{RFC3339:timestamp})?.*Failed login attempt from user with incorrect.*credentials {"account":{"ip":"%{IP:source_ip}","email":"%{OVERSEERR_CUSTOMUSER:username}","password":"__REDACTED__"}}'29 apply_on: message30 statics:31 - meta: log_type32 value: overseerr_failed_auth33statics:34 - meta: service35 value: overseerr36 - meta: source_ip37 expression: "evt.Parsed.source_ip"38 - meta: user39 expression: "evt.Parsed.username"40 - target: evt.StrTime41 expression: evt.Parsed.timestamp