Skip to content

Commit

Permalink
second commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@davidg-securenet
davidg-securenet committed Feb 4, 2018
1 parent 3983fae commit e02a617
Show file tree
Hide file tree
Showing 6 changed files with 82,256 additions and 0 deletions.
8,029 changes: 8,029 additions & 0 deletions LogFile Samples/dca/DCA.process.ContentFiltering.log
View file

Large diffs are not rendered by default.

38,391 changes: 38,391 additions & 0 deletions LogFile Samples/pvwa/CyberArk.WebApplication.log
View file

Large diffs are not rendered by default.

24,576 changes: 24,576 additions & 0 deletions LogFile Samples/pvwa/CyberArk.WebConsole.log
View file

Large diffs are not rendered by default.

11,019 changes: 11,019 additions & 0 deletions LogFile Samples/pvwa/CyberArk.WebTasksEngine.log
View file

Large diffs are not rendered by default.

218 changes: 218 additions & 0 deletions LogFile Samples/vault/italog.log
View file

Large diffs are not rendered by default.

23 changes: 23 additions & 0 deletions grok_for_dcaLog.notes.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# DCA Logs
DCA_COPYFROMTO .+?(?=\])
DCA_RULE .+?(?=\])
DCA_FILE \F.+?(?=\])
DCA_MESSAGE .*
DCA_SEPERATOR \s\|\s
DCA_BETWEEN \s*\|\s*.+?(?=\|)

"message" => "\[%{DATE:date}%{DCA_SEPERATOR}%{TIME:time}\]%{DCA_BETWEEN:fromto}%{DCA_BETWEEN:rule}%{DCA_BETWEEN:file}%{DCA_BETWEEN:colons}%{GREEDYDATA:msg}"

\[%{DATE:date}%{DCA_SEPERATOR}%{TIME:time}\]%{DCA_BETWEEN:fromto}%{DCA_BETWEEN:rule}%{DCA_BETWEEN:file}%{DCA_BETWEEN:colons}%{GREEDYDATA:msg}


grok for ITA LOG:
%{DATESTAMP:date_and_time}\s%{WORD:action_code}\s%{GREEDYDATA:msg}

grok for web logs
DCA_PID .+?(?=\|)
DCA_TID .+?(?=\|)



\[%{DATE:date}%{DCA_SEPERATOR}%{TIME:time}\]%{DCA_SEPERATOR}%{DCA_PID:pid}%{DCA_SEPERATOR}%{DCA_TID:tid}%{DCA_BETWEEN:colon}%{DCA_SEPERATOR}%{DCA_MESSAGE:msg}

0 comments on commit e02a617

Please sign in to comment.