uptime-kuma-logs Configuration

« uptime-kuma-logs »
v0.2 by timokoessler
Log parser

Parse Uptime Kuma Logs

Installation

cscli parsers install timokoessler/uptime-kuma-logs

Description

Parser for Uptime Kuma Logs.

Uptime Kuma version 1.15.0 or higher is required.

Example acquisition for Docker:

---
source: docker
container_name:
 - my_container_name
labels:
  type: uptime-kuma

YAML Configuration

1onsuccess: next_stage
2filter: "Upper(evt.Parsed.program) == 'UPTIME-KUMA'"
3name: timokoessler/uptime-kuma-logs
4description: "Parse Uptime Kuma Logs"
5nodes:
6  - grok:
7      pattern: '^%{TIMESTAMP_ISO8601:timestamp} \[AUTH\] WARN: Incorrect username or password for user %{DATA:username}\. IP=%{IP:source_ip}$'
8      apply_on: message
9      statics:
10        - meta: log_type
11          value: uptime_kuma_failed_password
12  - grok:
13      pattern: '^%{TIMESTAMP_ISO8601:timestamp} \[AUTH\] WARN: Invalid token provided for user %{DATA:username}\. IP=%{IP:source_ip}$'
14      apply_on: message
15      statics:
16        - meta: log_type
17          value: uptime_kuma_failed_totp
18
19statics:
20    - meta: service
21      value: uptime-kuma
22    - meta: source_ip
23      expression: "evt.Parsed.source_ip"
24    - target: evt.StrTime
25      expression: "evt.Parsed.timestamp"
26    - meta: username
27      expression: evt.Parsed.username
28

Hub configuration

« uptime-kuma-logs »v0.2 by timokoesslerLog parser

« uptime-kuma-logs »
v0.2 by timokoessler
Log parser