logstash-filter-grok 4.1.0 → 4.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/docs/index.asciidoc +6 -0
- data/logstash-filter-grok.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a6b0f1fa69a37ff0ac0c1d44d599c1d09abb706f28b12ed8bdf0299ef82eb461
|
4
|
+
data.tar.gz: c6b6941aa1c16a5594ec7f30b08eaec2b5e1ddc7e2e1e41c541248520d2be852
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f0917c22df8a3f0f14b684e232f5b1eb9213aa36f5450ac4e28eb3ac547bac510d3d6baf2134a77fc181fdb2f94d063b91a1cba90982f25cdceaaffe9a2b377b
|
7
|
+
data.tar.gz: 03c469b35434026dd05651b624122020c8f98ef4a2cf7a156a6ab03aee704575e18c3540ec5c36d6f5235609e6ee3551168e094bded7120860326b339703a97e
|
data/CHANGELOG.md
CHANGED
data/docs/index.asciidoc
CHANGED
@@ -143,15 +143,21 @@ For example, doing the postfix queue id example as above:
|
|
143
143
|
|
144
144
|
Then use the `patterns_dir` setting in this plugin to tell logstash where
|
145
145
|
your custom patterns directory is. Here's a full example with a sample log:
|
146
|
+
|
146
147
|
[source,ruby]
|
148
|
+
-----
|
147
149
|
Jan 1 06:25:43 mailserver14 postfix/cleanup[21403]: BEF25A72965: message-id=<20130101142543.5828399CCAF@mailserver14.example.com>
|
150
|
+
-----
|
151
|
+
|
148
152
|
[source,ruby]
|
153
|
+
-----
|
149
154
|
filter {
|
150
155
|
grok {
|
151
156
|
patterns_dir => ["./patterns"]
|
152
157
|
match => { "message" => "%{SYSLOGBASE} %{POSTFIX_QUEUEID:queue_id}: %{GREEDYDATA:syslog_message}" }
|
153
158
|
}
|
154
159
|
}
|
160
|
+
-----
|
155
161
|
|
156
162
|
The above will match and result in the following fields:
|
157
163
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-filter-grok'
|
4
|
-
s.version = '4.1.
|
4
|
+
s.version = '4.1.1'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "Parses unstructured event data into fields"
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-filter-grok
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.1.
|
4
|
+
version: 4.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-08-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|