Skip to content
Fetching contributors…
Cannot retrieve contributors at this time
26 lines (22 sloc) 778 Bytes
import org.graylog2.messagehandlers.gelf.GELFMessage
rule "Overwrite localhost host"
when
m : GELFMessage( host == "localhost" && version == "1.0" )
then
m.setHost( "localhost.example.com" );
System.out.println( "[Overwrite localhost rule fired] : " + m.toString() );
end
rule "Drop all messages from www1 facility"
when
m : GELFMessage( host == "www1" && facility == "graylog2-test" )
then
m.setFilterOut(true);
System.out.println( "[Drop all messages from www1 facility rule fired] : " + m.toString() );
end
rule "Drop UDP and ICMP Traffic from firewall"
when
m : GELFMessage( fullMessage matches "(?i).*(ICMP|UDP) Packet(.|\n|\r)*" )
then
m.setFilterOut(true);
System.out.println("[Drop all syslog ICMP and UDP traffic] : " + m.toString() );
end
Something went wrong with that request. Please try again.