redmine-logs Log Parser

« redmine-logs »
v0.2 by LePresidente
Log parser

Parse redmine logs

Installation

cscli parsers install LePresidente/redmine-logs

Description

Parser for Redmine Logs.

---
filenames:
 - /var/log/production.log
labels:
  type: redmine

---
source: docker
container_name:
 - Redmine
#container_id:
# - 843ee92d231b
labels:
  type: redmine

YAML Configuration

1onsuccess: next_stage
2#debug: false
3name: LePresidente/redmine-logs
4description: "Parse redmine logs"
5filter: "evt.Parsed.program == 'redmine'"
6pattern_syntax:
7  REDMINE_CUSTOMUSER: "(%{EMAILADDRESS}|%{USERNAME})"
8nodes:
9  - grok:
10      pattern: '\[%{TIMESTAMP_ISO8601:timestamp} .*\]  %{LOGLEVEL:loglevel} .*: Failed login for \S%{REDMINE_CUSTOMUSER:username}\S from %{IP:source_ip} at %{GREEDYDATA:date}'
11      apply_on: message
12      statics:
13        - meta: log_type
14          value: redmine_failed_auth
15
16statics:
17    - meta: service
18      value: redmine
19    - meta: source_ip
20      expression: "evt.Parsed.source_ip"
21    - target: evt.StrTime
22      expression: "evt.Parsed.timestamp + \"Z\""

Hub configuration

« redmine-logs »v0.2 by LePresidenteLog parser

« redmine-logs »
v0.2 by LePresidente
Log parser