Hi Wasim,
thx for your reply.
So it means i should use logstash parser for metron?
Is there any documentation about use logstash parser for metron?
I didn't found any documentation about that on metron.
i just find logstash basic parser but there is no documentation about that.
On 23/10/17
Hi Youzha,
It should be possible to add multiple patterns in a single config file. For
reference, you can check out the use of multiple patterns in a repo I
maintain [1].
You would find the patterns in [2] useful for your use-case.
However, do note that there is a cost to every grok failure [3]
Hi, is that possible to using multiple pattern grok parser ini 1 pattern
file?
i’m trying to parsing authlog file in /var/log/secure into metron. the
problem is there are different structures of logs inside /var/log/secure.
any suggest for this pls?
Best Regards,
hi all,
thx for your reply.
my profiler has been succeed now.
thanks for your help guys
On Sun, 22 Oct 2017 at 03.53 Otto Fowler wrote:
> Is that available in the version he is using?
>
>
> On October 21, 2017 at 08:23:01, Nick Allen (n...@nickallen.org) wrote:
>
> Did