Mauricio A. Valencia M. mauroretch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GROK Custom Patterns (add to patterns directory and reference in GROK filter for iptables events): | |
| # GROK Patterns for iptables Logging Format | |
| # | |
| # Created 6 Aug 2016 by Brian Turek <brian.turek@gmail.com> | |
| # Most of this was taken from another source but now I cannot find it for credit | |
| # | |
| # Usage: Use the IPTABLES pattern | |
| NETFILTERMAC %{MAC:dest_mac}:%{MAC:src_mac}:%{ETHTYPE:ethtype} | |
| ETHTYPE (?:(?:[A-Fa-f0-9]{2}):(?:[A-Fa-f0-9]{2})) |