Skip to content

Instantly share code, notes, and snippets.

@mrlesmithjr

mrlesmithjr/gist:26a72e081aa00c2c2c6c

Created June 18, 2014 14:26
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mrlesmithjr/26a72e081aa00c2c2c6c to your computer and use it in GitHub Desktop.
Save mrlesmithjr/26a72e081aa00c2c2c6c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
using this nxlog.conf https://gist.github.com/mrlesmithjr/cf212836b9ce162373ed
using this logstash.conf https://gist.github.com/mrlesmithjr/72e99caf36fcc2b5d323
My IIS logs being sent from nxlog to logstash is merging multiple IIS log entries into one. Thoughts?
{
"_index": "logstash-2014.06.18",
"_type": "iis",
"_id": "kGtLXBQkSam5h6mOmrTueA",
"_score": null,
"_source": {
"message": "2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx size=small&entity=Orion.VIM.VCenters&status=1 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 54\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/styles/Events.css - 80 - 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 302 0 0 62\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/VIM/Services/AssetTreeService.asmx/js - 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 304 0 0 66\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=236&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 152\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=235&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 159\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=234&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 234\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=185&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 249\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=2&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 70\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=187&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 157\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=188&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 161\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=237&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 286\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Clusters&id=0&status=3&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 69\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=1&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 69\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=189&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 206\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=186&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 371\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.VirtualMachines.Vmware&id=0&status=2&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 93\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.VirtualMachines.Vmware&id=0&status=3&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 93\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=2&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 50\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=1&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 57\r\n",
"@version": "1",
"@timestamp": "2014-06-18T14:21:06.384Z",
"host": "10.0.101.61:59337",
"type": "iis",
"tags": [
"IIS"
],
"eventtime": "2014-06-18 14:20:45",
"hostname": "10.0.101.146",
"method": "GET",
"request": "/Orion/StatusIcon.ashx",
"query": "size=small&entity=Orion.VIM.VCenters&status=1",
"port": "80",
"username": "EVERYTHING\\administrator",
"clientip": "10.0.0.139",
"user_agent": "Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36",
"status": "200",
"substatus": "0",
"win32_status": "0",
"response_time": "54",
"@source_host": "10.0.101.146",
"@message": "2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx size=small&entity=Orion.VIM.VCenters&status=1 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 54\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/styles/Events.css - 80 - 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 302 0 0 62\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/VIM/Services/AssetTreeService.asmx/js - 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 304 0 0 66\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=236&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 152\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=235&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 159\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=234&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 234\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=185&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 249\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=2&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 70\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=187&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 157\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=188&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 161\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=237&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn1&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 286\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Clusters&id=0&status=3&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 69\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=1&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 69\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=189&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 206\r\n2014-06-18 14:20:45 10.0.101.146 POST /orion/rendercontrol.aspx ResourceID=186&NetObject=&NamingContainer=ctl00%24ctl00%24ctl00%24BodyContent%24ContentPlaceHolder1%24VimMainContentPlaceHolder%24ResourceHostControl2%24resContainer%24rptContainers%24ctl00%24rptColumn2&isNOCView=&currentUrl=aHR0cDovL3NvbGFyd2luZHMxL09yaW9uL1ZJTS9TdW1tYXJ5LmFzcHg_dmlldz1WSU0gU3VtbWFyeQ%3D%3D 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 371\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.VirtualMachines.Vmware&id=0&status=2&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 93\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.VirtualMachines.Vmware&id=0&status=3&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 93\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=2&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 50\r\n2014-06-18 14:20:45 10.0.101.146 GET /Orion/StatusIcon.ashx entity=Orion.VIM.Hosts.Vmware&id=0&status=1&size=Small 80 EVERYTHING\\administrator 10.0.0.139 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.153+Safari/537.36 200 0 0 57\r\n",
"geoip": {}
},
"sort": [
1403101266384,
1403101266384
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment