Re: multiple pattern grok parser in 1 file

Hi Wasim, thx for your reply. So it means i should use logstash parser for metron? Is there any documentation about use logstash parser for metron? I didn't found any documentation about that on metron. i just find logstash basic parser but there is no documentation about that. On 23/10/17

Re: multiple pattern grok parser in 1 file

Hi Youzha, It should be possible to add multiple patterns in a single config file. For reference, you can check out the use of multiple patterns in a repo I maintain [1]. You would find the patterns in [2] useful for your use-case. However, do note that there is a cost to every grok failure [3]

multiple pattern grok parser in 1 file

Hi, is that possible to using multiple pattern grok parser ini 1 pattern file? i’m trying to parsing authlog file in /var/log/secure into metron. the problem is there are different structures of logs inside /var/log/secure. any suggest for this pls? Best Regards,

Re: profiler logs

hi all, thx for your reply. my profiler has been succeed now. thanks for your help guys On Sun, 22 Oct 2017 at 03.53 Otto Fowler wrote: > Is that available in the version he is using? > > > On October 21, 2017 at 08:23:01, Nick Allen (n...@nickallen.org) wrote: > > Did