Austin Workman arodd
arodd / pfsense2-2.grok
Last active March 29, 2016 05:13 — forked from elijahpaul/pfsense2-2.grok
pfsense2-2.grok
# GROK match pattern for logstash.conf filter: %{LOG_DATA}%{IP_SPECIFIC_DATA}%{IP_DATA}%{PROTOCOL_DATA}
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for pfSense events):
# GROK Patterns for pfSense 2.2 Logging Format
#
# Created 27 Jan 2015 by J. Pisano (Handles TCP, UDP, and ICMP log entries)
# Edited 14 Feb 2015 by E. Paul
#
# Usage: Use with following GROK match pattern