1) Filter Table
Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for iptables events): | |
# GROK Patterns for iptables Logging Format | |
# | |
# Created 6 Aug 2016 by Brian Turek <brian.turek@gmail.com> | |
# Most of this was taken from another source but now I cannot find it for credit | |
# | |
# Usage: Use the IPTABLES pattern | |
NETFILTERMAC %{MAC:dest_mac}:%{MAC:src_mac}:%{ETHTYPE:ethtype} | |
ETHTYPE (?:(?:[A-Fa-f0-9]{2}):(?:[A-Fa-f0-9]{2})) |
input { | |
tcp { | |
port => 514 | |
type => syslog | |
} | |
udp { | |
port => 514 | |
type => syslog | |
} | |
} |
1) Filter Table
Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.