Amazing, keep up the good work! Hats off to you
Thanks a lot!
Pardon me, but why did you define message_field in the rule if you are not going to use it?
Hi Sir, excellent video. I wanted to understand: will this method work to resolve parsing exceptions?
I think that the syntax might be different; I haven't tried it.
Great demo! Very well explained and I am keen to use Graylog now. :)
Glad it was helpful!
Built my own Graylog server today and was curious about pipelines. Thanks for the video 👍
firewall,info www.facebook.com forward: in:LAN(ether4) out:WAN, src-mac 4c:ed:fb:d8:5c:12, proto TCP (ACK), 10.10.10.250:65523->157.240.13.36:443, NAT (10.10.10.250:65523->172.31.64.45:65523)->157.240.13.36:443, len 40
I made the video, but I do not because I do not have the basics.
I'll try to make another video and show you guys how you can parse them with pipelines and grok patterns.
th-cam.com/video/6GQj0S8DZsw/w-d-xo.html
Just made this video, which has your log as an example. I hope it now makes more sense how to use grok patterns and pipelines.