Skip to content

Instantly share code, notes, and snippets.

@ddpbsd

ddpbsd/local_decoder.xml

Created March 16, 2016 11:41
Show Gist options
  • Save ddpbsd/73307253717a6e252c62 to your computer and use it in GitHub Desktop.
Save ddpbsd/73307253717a6e252c62 to your computer and use it in GitHub Desktop.
Download ZIP
nginx syslog decoder
Raw
local_decoder.xml
<decoder name="nginx-syslog">
<program_name>^nginx</program_name>
<type>web-log</type>
</decoder>
<decoder name="nginx-syslog-2">
<parent>nginx-syslog</parent>
<regex>^(\S+) (\S+) - [\d\d/\S\S\S/\d\d\d\d:\d\d:\d\d:\d\d \S\d\d\d\d] "(\S+) (\S+) HTTP\S+" (\d\d\d) </regex>
<order>extra_data, srcip, action, url, status</order>
</decoder>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment