paperless-ngx-logs Configuration

« paperless-ngx-logs »
v0.5 by andreasbrett
Log parser

Parse paperless-ngx logs

Installation

cscli parsers install andreasbrett/paperless-ngx-logs

Description

Parser for Paperless-ngx Logs.

---
filenames:
    - /var/log/paperless.log
labels:
    type: Paperless-ngx

YAML Configuration

1onsuccess: next_stage
2filter: "Upper(evt.Parsed.program) == 'PAPERLESS-NGX'"
3name: andreasbrett/paperless-ngx-logs
4description: "Parse paperless-ngx logs"
5pattern_syntax:
6    DATE_YMD: "%{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day}"
7    PAPERLESS_NGX_USER: "%{USERNAME}|%{EMAILADDRESS}"
8nodes:
9    - grok:
10          # Paperless-ngx v1.14.0 to v1.16.5
11          pattern: '\[%{DATE_YMD:date} %{TIME:time}\] \[INFO\] \[paperless\.auth\] Login failed for user `%{PAPERLESS_NGX_USER:username}` from (private )?IP `%{IP:source_ip}\.`'
12          apply_on: message
13          statics:
14              - meta: log_type
15                value: paperless_ngx_failed_auth
16              - meta: username
17                expression: evt.Parsed.username
18    - grok:
19          # Paperless-ngx v1.16.6+
20          pattern: '\[%{DATE_YMD:date} %{TIME:time}\] \[INFO\] \[paperless\.auth\] Login failed for user `%{PAPERLESS_NGX_USER:username}` from (private )?IP `%{IP:source_ip}`\.'
21          apply_on: message
22          statics:
23              - meta: log_type
24                value: paperless_ngx_failed_auth
25              - meta: username
26                expression: evt.Parsed.username
27
28statics:
29    - meta: service
30      value: paperless-ngx
31    - meta: source_ip
32      expression: "evt.Parsed.source_ip"
33    - target: evt.StrTime
34      expression: "evt.Parsed.date + ' ' + evt.Parsed.time"
35

Hub configuration

« paperless-ngx-logs »v0.5 by andreasbrettLog parser

« paperless-ngx-logs »
v0.5 by andreasbrett
Log parser