tomasdanjonsson/syslog.grok

Created May 5, 2023 21:04

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/tomasdanjonsson/0a1040619b226ebdfd4c5b3b7868914d.js"></script>
Save tomasdanjonsson/0a1040619b226ebdfd4c5b3b7868914d to your computer and use it in GitHub Desktop.

Download ZIP

Grok Expression for syslog

Raw

syslog.grok

<%{POSINT:priority}>%{SPACE}%{SYSLOGTIMESTAMP:timestamp}%{SPACE}%{SYSLOGHOST:hostname}%{SPACE}%{DATA:application}\[%{POSINT:pid}\]:%{SPACE}%{GREEDYDATA:message}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment