# Field layouts for the supported log formats, keyed by format name.
# Each entry carries:
#   "sep"    - the separator string for that format
#   "fields" - ordered field descriptors, each with
#              "name": the field's name,
#              "pos":  an int index or a slice,
#              "type": a Python type (int, str) or a string tag
#                      ("datetime", "direction").
# NOTE(review): presumably a line is split on "sep" and "pos" selects from the
# resulting tokens, with the string tags resolved by the consumer - confirm
# against the parser, which is not part of this file.
# NOTE(review): if "pos" is applied that way, the layouts are purely
# positional: a logged value that itself contains the separator (a file name,
# a user agent, a free-text message) shifts every later fixed index. The
# consumer should check the token count before indexing and treat every
# parsed value as untrusted input.
log_definitions = {
    # Position 0 is not mapped to any field.
    "apache": dict(
        sep=" ",
        fields=[
            dict(name="datetime", pos=slice(1, 5), type="datetime"),
            dict(name="status", pos=5, type=int),
            # Open-ended slice: takes everything from position 6 onwards.
            dict(name="message", pos=slice(6, None), type=str),
        ],
    ),
    "auth": dict(
        sep=" ",
        fields=[
            dict(name="month", pos=0, type=str),
            dict(name="day", pos=1, type=int),
            dict(name="time", pos=2, type="datetime"),
            dict(name="hostname", pos=3, type=str),
            dict(name="service", pos=4, type=str),
            dict(name="message", pos=slice(5, None), type=str),
        ],
    ),
    "dns": dict(
        sep=" ",
        fields=[
            dict(name="date", pos=0, type="datetime"),
            dict(name="time", pos=1, type="datetime"),
            dict(name="query", pos=2, type=str),
            dict(name="domain", pos=3, type=str),
            dict(name="record_type", pos=4, type=str),
        ],
    ),
    "firewall": dict(
        sep=" ",
        fields=[
            dict(name="month", pos=0, type=str),
            dict(name="day", pos=1, type=int),
            dict(name="time", pos=2, type="datetime"),
            dict(name="host", pos=3, type=str),
            dict(name="kernel", pos=4, type=str),
            dict(name="message", pos=slice(5, None), type=str),
        ],
    ),
    # Same layout as "ssh" below; position 0 is not mapped.
    "linux": dict(
        sep=" ",
        fields=[
            dict(name="datetime", pos=slice(1, 3), type="datetime"),
            dict(name="level", pos=3, type=str),
            dict(name="component", pos=4, type=str),
            dict(name="pid", pos=5, type=str),
            dict(name="Content", pos=slice(6, None), type=str),
        ],
    ),
    # The only format here separated by ";". Field names are French:
    # "protocole" = protocol, "regle" = rule, "inconnu" = unknown.
    "log": dict(
        sep=";",
        fields=[
            dict(name="timestamp", pos=0, type="datetime"),
            dict(name="ipsource", pos=1, type=str),
            dict(name="ipdestination", pos=2, type=str),
            dict(name="protocole", pos=3, type=str),
            dict(name="portsource", pos=4, type=int),
            dict(name="portdest", pos=5, type=int),
            dict(name="regle1", pos=6, type=str),
            dict(name="status", pos=7, type=str),
            dict(name="interface", pos=8, type=str),
            dict(name="inconnu", pos=9, type=str),
            dict(name="regle2", pos=10, type=str),
        ],
    ),
    # Position 0 is not mapped. "request" and "agent" are bounded slices, so
    # each covers at most three positions (4-6 and 10-12).
    "nginx": dict(
        sep=" ",
        fields=[
            dict(name="time", pos=slice(1, 2), type="datetime"),
            dict(name="remote_ip", pos=2, type=str),
            dict(name="remote_user", pos=3, type=str),
            dict(name="request", pos=slice(4, 7), type=str),
            dict(name="response", pos=7, type=str),
            dict(name="bytes", pos=8, type=str),
            dict(name="referrer", pos=9, type=str),
            dict(name="agent", pos=slice(10, 13), type=str),
        ],
    ),
    # Same layout as "linux" above; position 0 is not mapped.
    "ssh": dict(
        sep=" ",
        fields=[
            dict(name="datetime", pos=slice(1, 3), type="datetime"),
            dict(name="level", pos=3, type=str),
            dict(name="component", pos=4, type=str),
            dict(name="pid", pos=5, type=str),
            dict(name="Content", pos=slice(6, None), type=str),
        ],
    ),
    # Position 0 is not mapped. "direction" is the only field that uses the
    # "direction" type tag.
    "xferlog": dict(
        sep=" ",
        fields=[
            dict(name="current_time", pos=slice(1, 5), type="datetime"),
            dict(name="transfer_time", pos=5, type=int),
            dict(name="remote_host", pos=6, type=str),
            dict(name="file_size", pos=7, type=int),
            dict(name="filename", pos=8, type=str),
            dict(name="transfer_type", pos=9, type=str),
            dict(name="special_flag", pos=10, type=str),
            dict(name="direction", pos=11, type="direction"),
            dict(name="access_mode", pos=12, type=str),
            dict(name="username", pos=13, type=str),
            dict(name="service_name", pos=14, type=str),
            dict(name="auth_method", pos=15, type=int),
            dict(name="auth_user_id", pos=16, type=str),
            dict(name="status", pos=17, type=str),
        ],
    ),
}