techhelplist/sophos_central_alert_graylog2_extractor.txt

## sophos_central_alert_graylog2_extractor.txt
{
  "extractors": [
    {
      "title": "sophos_json_extractor",
      "extractor_type": "json",
      "converters": [],
      "order": 0,
      "cursor_strategy": "copy",
      "source_field": "message",
      "target_field": "",
      "extractor_config": {
        "flatten": false,
        "list_separator": ", ",
        "kv_separator": ":",
        "key_prefix": "sophos_",
        "key_separator": "_",
        "replace_key_whitespace": false,
        "key_whitespace_replacement": "_"
      },
      "condition_type": "none",
      "condition_value": ""
    }
  ],
  "version": "3.1.2"
}
	{
	"extractors": [
	{
	"title": "sophos_json_extractor",
	"extractor_type": "json",
	"converters": [],
	"order": 0,
	"cursor_strategy": "copy",
	"source_field": "message",
	"target_field": "",
	"extractor_config": {
	"flatten": false,
	"list_separator": ", ",
	"kv_separator": ":",
	"key_prefix": "sophos_",
	"key_separator": "_",
	"replace_key_whitespace": false,
	"key_whitespace_replacement": "_"
	},
	"condition_type": "none",
	"condition_value": ""
	}
	],
	"version": "3.1.2"
	}