/logstash

History for logstash/patterns/linux-syslog
Commits on Dec 17, 2014

  1. removes the patterns from patterns dir

    @jsvd @jordansissel
    jsvd authored and jordansissel committed Dec 12, 2014 
    The core patterns are now provided by the logstash-patterns-core gem.
This empty folder can be used for custom patterns.

Fixes #2228
    12ee26f
Commits on Apr 7, 2014

  1. Improve RFC-5424 app, proc and msgid matching

    @quatre
    quatre committed Mar 10, 2014
    838e07b
Commits on Nov 21, 2013

  1. [LOGSTASH-1630] Syslog 5424 patterns fail to match additional spaces

    @pdf
    pdf committed Nov 21, 2013 
    https://logstash.jira.com/browse/LOGSTASH-1630

Split the start of `SYSLOG5424LINE` out to `SYSLOG5424BASE`, in case
people want to create PAM or CRON patterns, similar to those available
for `SYSLOG`.

Also make syslog5424_sd optionally match nothing, since it seems to be
ommitted entirely with rsyslog's `RSYSLOG_SyslogProtocol23Format` (ie -
there is no SD data, and it is not correctly replaced with a `-`).
    01737e0
Commits on Aug 24, 2013

  1. [syslog5424] do not capture chevrons with priority value

    @bfritz
    bfritz committed Aug 23, 2013 
    Priority is "191", not "<191>".  The syslog_pri filter expects a
raw integer without the extra punctuation.
    0630d51
Commits on Aug 23, 2013

  1. [syslog5424] non-capturing parens since no backreferences needed

    @bfritz
    bfritz committed Aug 22, 2013
    4b34567

  2. [syslog5424] structured data should be nil when RFC NILVALUE is used

    @bfritz
    bfritz committed Aug 22, 2013
    9399082
Commits on Mar 22, 2013

  1. And another one :-( Working in the eve is a **bad** idea.

    Alexander Papaspyrou
    Alexander Papaspyrou committed Mar 22, 2013
    e70c2d0

  2. Meh. Forgot one variable...

    Alexander Papaspyrou
    Alexander Papaspyrou committed Mar 22, 2013
    1
    d9b4b05

  3. Changes wrt. @jordansissel's comments on [my pull request](#415).

    Alexander Papaspyrou
    Alexander Papaspyrou committed Mar 22, 2013
    c0937c5

  4. Added support for IETF 5425 syslog parsing in grok.

    Alexander Papaspyrou
    Alexander Papaspyrou committed Mar 22, 2013
    e332f52
Commits on Nov 9, 2010

  1. - Add support for iso8601 timestamps in syslog messages

    @jordansissel
    jordansissel committed Nov 9, 2010
    65a115f
Commits on Oct 18, 2009

  1. - remove some debugging cruft

    @fetep
    fetep committed Oct 18, 2009 
    - remove sample agent.redhat.rb; sample config is the same thing
- indexers now broadcast to each other and build up a directory
- indexers respond to a directory request and provide a list of indexers
- move some errors/usage messages to $stderr
- refactor search.rb to query all available indexers
    27204e8
Commits on Sep 19, 2009

  1. - Add cron patterns to linux-syslog

    @jordansissel
    jordansissel committed Sep 19, 2009
    3b8a941
Commits on Aug 10, 2009

  1. - capture pid in SYSLOGPROG

    @fetep
    fetep committed Aug 10, 2009 
    - add some linux-syslog patterns
- sample config for linux-syslog
    40f830d