telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

clean up log sources

Browse Source
This commit is contained in:
t3chn0m4g3
2018-11-13 15:46:57 +00:00
parent 106193fac5
commit 5754c79086
1 changed files with 0 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docker/elk/logstash/dist/logstash.conf vendored
View File

@ -50,12 +50,6 @@ input {
type => "ElasticPot" type => "ElasticPot"
} }
# eMobility
file {
path => ["/data/emobility/log/centralsystemEWS.log"]
type => "eMobility"
}
# Glastopf # Glastopf
file { file {
path => ["/data/glastopf/log/glastopf.log"] path => ["/data/glastopf/log/glastopf.log"]
@ -231,16 +225,6 @@ filter {
} }
} }
# eMobility
if [type] == "eMobility" {
grok {
match => [ "message", "\A%{IP:src_ip}\.%{POSINT:src_port:integer}\|%{IP:dest_ip}\.%{POSINT:dest_port:integer}:%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424SD}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{SYSLOG5424PRINTASCII}%{SPACE}%{URIPROTO:http_method}\|%{URIPATH:http_uri}\|%{TIMESTAMP_ISO8601:timestamp}" ]
}
date {
match => [ "timestamp", "ISO8601" ]
}
}
# Glastopf # Glastopf
if [type] == "Glastopf" { if [type] == "Glastopf" {
grok { grok {