Skip to content

Instantly share code, notes, and snippets.

Avatar

Brady Vidovic bradvido

  • MN
View GitHub Profile
@bradvido
bradvido / pfsense2-2.grok
Last active Jan 1, 2016 — forked from elijahpaul/pfsense2-2.grok
pfsense2-2.grok
View pfsense2-2.grok
# GROK match pattern for logstash.conf filter: %{LOG_DATA}%{IP_SPECIFIC_DATA}%{IP_DATA}%{PROTOCOL_DATA}
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for pfSense events):
# GROK Patterns for pfSense 2.2 Logging Format
#
# Created 27 Jan 2015 by J. Pisano (Handles TCP, UDP, and ICMP log entries)
# Edited 14 Feb 2015 by E. Paul
#
# Usage: Use with following GROK match pattern
@bradvido
bradvido / pfsense2-2.conf
Created Jan 1, 2016 — forked from elijahpaul/pfsense2-2.conf
pfSense 2.2 Logstash Filter
View pfsense2-2.conf
# Use this filter with pattern file https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
filter {
if "PFSense" in [tags] {
grok {
add_tag => [ "firewall" ]
match => [ "message", "<(?<evtid>.*)>(?<datetime>(?:Jan(?:uary)?|Feb(?:ruary)?|Mar(?:ch)?|Apr(?:il)?|May|Jun(?:e)?|Jul(?:y)?|Aug(?:ust)?|Sep(?:tember)?|Oct(?:ober)?|Nov(?:ember)?|Dec(?:ember)?)\s+(?:(?:0[1-9])|(?:[12][0-9])|(?:3[01])|[1-9]) (?:2[0123]|[01]?[0-9]):(?:[0-5][0-9]):(?:[0-5][0-9])) (?<prog>.*?): (?<msg>.*)" ]
}
mutate {
gsub => ["datetime"," "," "]
}
View gist:69f14d58bf345754452a
$.on("newpost", ".my-wall", function(message) {
if (message.text.toLowerCase().indexOf("happy birthday")) {
facebook.commentOn(message, "Thank You " + message.from.fullName + "!");
}
});
You can’t perform that action at this time.