I would ask if someone use Grok log parsing for stunnel and, if yes,
what kind of filter statement are you using?
At the moment I've just created 2 parser:
STUNNEL_AcceptedConnectionParser
%{date("yyyy.MM.dd HH:mm:ss"):date}
LOG%{integer:loglevel}\[%{integer:session_id}\]\: Service
\[%{word:csb_name}\-%{word:csb_port}\] accepted connection from
%{ipv4:caller_ip}\:%{port:caller_port}
and
STUNNEL_ConnectionClosedParser
%{date("yyyy.MM.dd HH:mm:ss"):date}
LOG%{integer:loglevel}\[%{integer:session_id}\]\: Connection closed\:
%{integer:byte_tx} byte\(s\) sent to SSL\, %{integer:byte_rx}
byte\(s\) sent to socket
I'm new with Grok and all the things related to log match-and-parse,
so I think that there will be a much better solution than mine, anyway
Google this time doesn't help unfortunately.
Thank you so much to all those who will help me with this stuff!
Manuele
_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
