|
|
{ "v": 1, "id": "349bde6e-bc66-427a-8cec-67c717f0c8a0", "rev": 1, "name": "Liwo", "summary": "Liwo", "description": "", "vendor": "Liwo", "url": "", "parameters": [], "entities": [ { "v": "1", "type": { "name": "sidecar_collector", "version": "1" }, "id": "66ff4ca8-cd50-460e-91dc-9123f678dd43", "data": { "name": { "@type": "string", "@value": "filebeat" }, "service_type": { "@type": "string", "@value": "exec" }, "node_operating_system": { "@type": "string", "@value": "linux" }, "executable_path": { "@type": "string", "@value": "/usr/share/filebeat/bin/filebeat" }, "execute_parameters": { "@type": "string", "@value": "-c %s" }, "validation_parameters": { "@type": "string", "@value": "test config -c %s" }, "default_template": { "@type": "string", "@value": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\nfilebeat.inputs:\n- input_type: log\n paths:\n - /var/log/*.log\n type: log\noutput.logstash:\n hosts: [\"192.168.1.1:5044\"]\npath:\n data: /var/lib/graylog-sidecar/collectors/filebeat/data\n logs: /var/lib/graylog-sidecar/collectors/filebeat/log" } }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "92f767af-fb4f-40cb-90ba-c2f05d8a74ee", "data": { "name": "SYSLOGTIMESTAMP", "pattern": "%{MONTH} +%{MONTHDAY} %{TIME}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "dashboard", "version": "2" }, "id": "14132da6-1cc2-4ffe-a735-e5c0a174f11e", "data": { "summary": { "@type": "string", "@value": "This is a list of all sources that sent in messages to Graylog." }, "search": { "queries": [ { "id": "a1647eb6-a064-4fe6-b459-1e4267d3f659", "timerange": { "type": "relative", "range": 300 }, "query": { "type": "elasticsearch", "query_string": "" }, "search_types": [ { "query": null, "name": "chart", "timerange": { "type": "relative", "range": 300 }, "streams": [], "series": [ { "type": "count", "id": "Message count", "field": null } ], "filter": null, "rollup": true, "row_groups": [ { "type": "time", "field": "timestamp", "interval": { "type": "auto", "scaling": 1 } } ], "type": "pivot", "id": "481de18f-938e-40d5-8ab2-6eaf6a28f091", "column_groups": [], "sort": [] }, { "query": null, "name": "chart", "timerange": { "type": "relative", "range": 300 }, "streams": [], "series": [ { "type": "count", "id": "Message count", "field": null } ], "filter": null, "rollup": true, "row_groups": [ { "type": "values", "field": "source", "limit": 10 } ], "type": "pivot", "id": "a964f1c5-e108-4b5e-a907-ffe0b0f0683c", "column_groups": [], "sort": [ { "type": "series", "field": "count()", "direction": "Descending" } ] }, { "query": null, "name": "chart", "timerange": { "type": "relative", "range": 300 }, "streams": [], "series": [ { "type": "count", "id": "Message count", "field": null } ], "filter": null, "rollup": true, "row_groups": [ { "type": "values", "field": "source", "limit": 15 } ], "type": "pivot", "id": "011b2894-49e5-44d8-aab6-8c4d4457a886", "column_groups": [], "sort": [ { "type": "series", "field": "count()", "direction": "Descending" } ] } ] } ], "parameters": [], "requires": {}, "owner": "admin", "created_at": "2019-11-22T10:58:47.255Z" }, "created_at": "2019-11-22T10:54:50.950Z", "requires": {}, "state": { "a1647eb6-a064-4fe6-b459-1e4267d3f659": { "selected_fields": null, "static_message_list_id": null, "titles": { "tab": { "title": "Sources Overview" }, "widget": { "6c127c5d-be75-4157-b43f-ac0194ac0586": "Selected sources", "92d63811-e4dd-47db-bd3b-db03c8a9bd53": "Messages per Source", "00637e63-d728-4b3e-932b-7c8696b4855d": "Messages over time" } }, "widgets": [ { "id": "92d63811-e4dd-47db-bd3b-db03c8a9bd53", "type": "aggregation", "filter": null, "timerange": { "type": "relative", "range": 300 }, "query": null, "streams": [], "config": { "visualization": "pie", "event_annotation": false, "row_pivots": [ { "field": "source", "type": "values", "config": { "limit": 10 } } ], "series": [ { "config": { "name": "Message count" }, "function": "count()" } ], "rollup": true, "column_pivots": [], "visualization_config": null, "formatting_settings": null, "sort": [ { "type": "series", "field": "count()", "direction": "Descending" } ] } }, { "id": "00637e63-d728-4b3e-932b-7c8696b4855d", "type": "aggregation", "filter": null, "timerange": { "type": "relative", "range": 300 }, "query": null, "streams": [], "config": { "visualization": "line", "event_annotation": false, "row_pivots": [ { "field": "timestamp", "type": "time", "config": { "interval": { "type": "auto", "scaling": null } } } ], "series": [ { "config": { "name": "Message count" }, "function": "count()" } ], "rollup": true, "column_pivots": [], "visualization_config": null, "formatting_settings": null, "sort": [] } }, { "id": "6c127c5d-be75-4157-b43f-ac0194ac0586", "type": "aggregation", "filter": null, "timerange": { "type": "relative", "range": 300 }, "query": null, "streams": [], "config": { "visualization": "table", "event_annotation": false, "row_pivots": [ { "field": "source", "type": "values", "config": { "limit": 15 } } ], "series": [ { "config": { "name": "Message count" }, "function": "count()" } ], "rollup": true, "column_pivots": [], "visualization_config": null, "formatting_settings": null, "sort": [ { "type": "series", "field": "count()", "direction": "Descending" } ] } } ], "widget_mapping": { "6c127c5d-be75-4157-b43f-ac0194ac0586": [ "011b2894-49e5-44d8-aab6-8c4d4457a886" ], "92d63811-e4dd-47db-bd3b-db03c8a9bd53": [ "a964f1c5-e108-4b5e-a907-ffe0b0f0683c" ], "00637e63-d728-4b3e-932b-7c8696b4855d": [ "481de18f-938e-40d5-8ab2-6eaf6a28f091" ] }, "positions": { "6c127c5d-be75-4157-b43f-ac0194ac0586": { "col": 1, "row": 5, "height": 4, "width": 6 }, "92d63811-e4dd-47db-bd3b-db03c8a9bd53": { "col": 7, "row": 5, "height": 4, "width": 6 }, "00637e63-d728-4b3e-932b-7c8696b4855d": { "col": 1, "row": 1, "height": 4, "width": "Infinity" } }, "formatting": { "highlighting": [] }, "display_mode_settings": { "positions": {} } } }, "properties": [], "owner": "admin", "title": { "@type": "string", "@value": "Sources" }, "type": "DASHBOARD", "description": { "@type": "string", "@value": "This is a list of all sources that sent in messages to Graylog. You can narrow the timerange by zooming in on the message histogram, or you can increase the time range by specifying a broader one in the controls at the top. You can also specify filters to limit the results you are seeing. You can also add additional widgets to this dashboard, or adapt the appearance of existing widgets to suit your needs." } }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "00bace8f-a5e8-42e1-88a3-afc34c5887a6", "data": { "name": "IPORHOST", "pattern": "(?:%{IP}|%{HOSTNAME})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "03c56f23-5a73-4fc9-818c-dc4d6c5422e2", "data": { "name": "QUOTEDSTRING", "pattern": "(?>(?<!\\\\)(?>\"(?>\\\\.|[^\\\\\"]+)+\"|\"\"|(?>'(?>\\\\.|[^\\\\']+)+')|''|(?>`(?>\\\\.|[^\\\\`]+)+`)|``))" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "sidecar_collector", "version": "1" }, "id": "954fdaf3-c6ef-4012-b730-a0fa89645b40", "data": { "name": { "@type": "string", "@value": "nxlog" }, "service_type": { "@type": "string", "@value": "svc" }, "node_operating_system": { "@type": "string", "@value": "windows" }, "executable_path": { "@type": "string", "@value": "C:\\Program Files (x86)\\nxlog\\nxlog.exe" }, "execute_parameters": { "@type": "string", "@value": "-c \"%s\"" }, "validation_parameters": { "@type": "string", "@value": "-v -f -c \"%s\"" }, "default_template": { "@type": "string", "@value": "define ROOT C:\\Program Files (x86)\\nxlog\n\nModuledir %ROOT%\\modules\nCacheDir %ROOT%\\data\nPidfile %ROOT%\\data\\nxlog.pid\nSpoolDir %ROOT%\\data\nLogFile %ROOT%\\data\\nxlog.log\nLogLevel INFO\n\n<Extension logrotate>\n Module xm_fileop\n <Schedule>\n When @daily\n Exec file_cycle('%ROOT%\\data\\nxlog.log', 7);\n </Schedule>\n</Extension>\n\n\n<Extension gelfExt>\n Module xm_gelf\n # Avoid truncation of the short_message field to 64 characters.\n ShortMessageLength 65536\n</Extension>\n\n<Input eventlog>\n Module im_msvistalog\n PollInterval 1\n SavePos True\n ReadFromLast True\n \n #Channel System\n #<QueryXML>\n # <QueryList>\n # <Query Id='1'>\n # <Select Path='Security'>*[System/Level=4]</Select>\n # </Query>\n # </QueryList>\n #</QueryXML>\n</Input>\n\n\n<Input file>\n\tModule im_file\n\tFile 'C:\\Windows\\MyLogDir\\\\*.log'\n\tPollInterval 1\n\tSavePos\tTrue\n\tReadFromLast True\n\tRecursive False\n\tRenameCheck False\n\tExec $FileName = file_name(); # Send file name with each message\n</Input>\n\n\n<Output gelf>\n\tModule om_tcp\n\tHost 192.168.1.1\n\tPort 12201\n\tOutputType GELF_TCP\n\t<Exec>\n\t # These fields are needed for Graylog\n\t $gl2_source_collector = '${sidecar.nodeId}';\n\t $collector_node_id = '${sidecar.nodeName}';\n\t</Exec>\n</Output>\n\n\n<Route route-1>\n Path eventlog => gelf\n</Route>\n<Route route-2>\n Path file => gelf\n</Route>\n\n" } }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "2e477fbe-615c-4cf9-a48e-48ace38d1591", "data": { "name": "DAY", "pattern": "(?:Mon(?:day)?|Tue(?:sday)?|Wed(?:nesday)?|Thu(?:rsday)?|Fri(?:day)?|Sat(?:urday)?|Sun(?:day)?)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "53f544b2-0323-4d77-8df0-29461b916318", "data": { "name": "DATESTAMP_OTHER", "pattern": "%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{TZ} %{YEAR}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "8caea7c6-e2ea-461b-81d4-04c2e17fb490", "data": { "name": "CISCOMAC", "pattern": "(?:(?:[A-Fa-f0-9]{4}\\.){2}[A-Fa-f0-9]{4})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "b15ec78c-5fed-497b-8bac-b85d74c6052b", "data": { "name": "SECOND", "pattern": "(?:(?:[0-5]?[0-9]|60)(?:[:.,][0-9]+)?)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "5929b910-f97b-4131-92e9-c4a2031518fc", "data": { "name": "BASE16NUM", "pattern": "(?<![0-9A-Fa-f])(?:[+-]?(?:0x)?(?:[0-9A-Fa-f]+))" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "c989eb86-1aba-4d2a-9639-85a117472496", "data": { "name": "DATE", "pattern": "%{DATE_US}|%{DATE_EU}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "bab21710-64f1-4c56-b4b6-7bb9c876e924", "data": { "name": "URIPATHPARAM", "pattern": "%{URIPATH}(?:%{URIPARAM})?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "35a6765b-4635-4b2e-b7a9-02e829316d8d", "data": { "name": "LOGLEVEL", "pattern": "([Aa]lert|ALERT|[Tt]race|TRACE|[Dd]ebug|DEBUG|[Nn]otice|NOTICE|[Ii]nfo|INFO|[Ww]arn?(?:ing)?|WARN?(?:ING)?|[Ee]rr?(?:or)?|ERR?(?:OR)?|[Cc]rit?(?:ical)?|CRIT?(?:ICAL)?|[Ff]atal|FATAL|[Ss]evere|SEVERE|EMERG(?:ENCY)?|[Ee]merg(?:ency)?)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "c03e91d3-a36a-4e2a-9c05-b4cabd93f39e", "data": { "name": "INT", "pattern": "(?:[+-]?(?:[0-9]+))" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "4f2a8bb0-da94-4d11-a9d2-c3807b8f7445", "data": { "name": "COMMONMAC", "pattern": "(?:(?:[A-Fa-f0-9]{2}:){5}[A-Fa-f0-9]{2})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "55b315e3-d7e6-41f2-a6ba-090b67b1ae5a", "data": { "name": "PATH", "pattern": "(?:%{UNIXPATH}|%{WINPATH})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "input", "version": "1" }, "id": "95a5657f-0ed4-419c-b4cf-8c4357683d69", "data": { "title": { "@type": "string", "@value": "MySQL" }, "configuration": { "tls_key_file": { "@type": "string", "@value": "" }, "port": { "@type": "integer", "@value": 5044 }, "tls_enable": { "@type": "boolean", "@value": false }, "recv_buffer_size": { "@type": "integer", "@value": 1048576 }, "tcp_keepalive": { "@type": "boolean", "@value": false }, "tls_client_auth_cert_file": { "@type": "string", "@value": "" }, "bind_address": { "@type": "string", "@value": "0.0.0.0" }, "no_beats_prefix": { "@type": "boolean", "@value": false }, "tls_cert_file": { "@type": "string", "@value": "" }, "tls_client_auth": { "@type": "string", "@value": "disabled" }, "number_worker_threads": { "@type": "integer", "@value": 4 }, "tls_key_password": { "@type": "string", "@value": "" } }, "static_fields": {}, "type": { "@type": "string", "@value": "org.graylog.plugins.beats.Beats2Input" }, "global": { "@type": "boolean", "@value": true }, "extractors": [] }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "089c28a7-a3e6-455e-9224-ec34212726d1", "data": { "name": "ISO8601_SECOND", "pattern": "(?:%{SECOND}|60)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "37b422ec-e226-4f3c-8461-929df9e3b570", "data": { "name": "GREEDYDATA", "pattern": ".*" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "b4d59466-6610-40f6-bc86-d0ad835e3e59", "data": { "name": "MONTHDAY", "pattern": "(?:(?:0[1-9])|(?:[12][0-9])|(?:3[01])|[1-9])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "075b3e85-593e-471d-ab8c-82ac71542728", "data": { "name": "TIME", "pattern": "(?!<[0-9])%{HOUR}:%{MINUTE}(?::%{SECOND})(?![0-9])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "0f2c231d-6a0c-46bb-8ae8-a7c53bca776e", "data": { "name": "TZ", "pattern": "(?:[PMCE][SD]T|UTC)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "d18cdb90-fe4c-4b26-904b-9ba148fccc37", "data": { "name": "HTTPDERROR_DATE", "pattern": "%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "926552e4-c6e6-42d2-a2af-177a6e5ca3c3", "data": { "name": "NUMBER", "pattern": "(?:%{BASE10NUM})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "2a77197a-385e-41fe-a8b5-70c9c376466f", "data": { "name": "QS", "pattern": "%{QUOTEDSTRING}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "f9169aaa-825b-4e85-86f6-da5e057c388f", "data": { "name": "DATA", "pattern": ".*?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "247a2f23-3bb6-4dc4-beb1-57234162f0e5", "data": { "name": "DATESTAMP", "pattern": "%{DATE}[- ]%{TIME}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "f821d762-92a8-4fc2-8d77-4b25a2a173d1", "data": { "name": "MONTHNUM", "pattern": "(?:0?[1-9]|1[0-2])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "33b8be09-37f2-4d14-9edf-6881bf54743d", "data": { "name": "WORD", "pattern": "\\b\\w+\\b" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "89af4964-6026-44fb-81ea-d6a390ca8903", "data": { "name": "IP", "pattern": "(?:%{IPV6}|%{IPV4})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "492d4c0f-ee79-4129-bf4b-ab8d7a933a3b", "data": { "name": "WINPATH", "pattern": "(?>[A-Za-z]+:|\\\\)(?:\\\\[^\\\\?*]*)+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "input", "version": "1" }, "id": "2399a894-fd4a-4c3b-8e2f-30970a7aa8d3", "data": { "title": { "@type": "string", "@value": "Laravel" }, "configuration": { "recv_buffer_size": { "@type": "integer", "@value": 262144 }, "port": { "@type": "integer", "@value": 12201 }, "number_worker_threads": { "@type": "integer", "@value": 4 }, "bind_address": { "@type": "string", "@value": "0.0.0.0" }, "decompress_size_limit": { "@type": "integer", "@value": 8388608 } }, "static_fields": {}, "type": { "@type": "string", "@value": "org.graylog2.inputs.gelf.udp.GELFUDPInput" }, "global": { "@type": "boolean", "@value": true }, "extractors": [] }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "ba6885ed-9583-4898-a4ff-ee231e5b3fba", "data": { "name": "IPV4", "pattern": "(?<![0-9])(?:(?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5])[.](?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5])[.](?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5])[.](?:[0-1]?[0-9]{1,2}|2[0-4][0-9]|25[0-5]))(?![0-9])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "4c016236-66b5-4633-b961-08e9f1d1a4ec", "data": { "name": "NOTSPACE", "pattern": "\\S+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "22f9f174-793a-45d7-9444-519d6a4b99c0", "data": { "name": "COMMONAPACHELOG", "pattern": "%{IPORHOST:clientip} %{HTTPDUSER:ident} %{USER:auth} \\[%{HTTPDATE:timestamp;date;dd/MMM/yyyy:HH:mm:ss Z}\\] \"(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})\" %{NUMBER:response} (?:%{NUMBER:bytes}|-)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "b2a8b7c7-bbb7-4904-b5cc-920c69019ad3", "data": { "name": "MAC", "pattern": "(?:%{CISCOMAC}|%{WINDOWSMAC}|%{COMMONMAC})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "993b5faa-64bf-4e8a-8998-54a980ddb4a4", "data": { "name": "NONNEGINT", "pattern": "\\b(?:[0-9]+)\\b" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "7ec306ac-bfe2-4dd1-9e86-6876382216de", "data": { "name": "PROG", "pattern": "[\\x21-\\x5a\\x5c\\x5e-\\x7e]+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "ca3ccb18-4220-41c1-8d8a-82833a13bd4d", "data": { "name": "USER", "pattern": "%{USERNAME}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "sidecar_collector", "version": "1" }, "id": "abc9f978-f01e-470e-9687-3977ba243011", "data": { "name": { "@type": "string", "@value": "winlogbeat" }, "service_type": { "@type": "string", "@value": "svc" }, "node_operating_system": { "@type": "string", "@value": "windows" }, "executable_path": { "@type": "string", "@value": "C:\\Program Files\\Graylog\\sidecar\\winlogbeat.exe" }, "execute_parameters": { "@type": "string", "@value": "-c \"%s\"" }, "validation_parameters": { "@type": "string", "@value": "test config -c \"%s\"" }, "default_template": { "@type": "string", "@value": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\noutput.logstash:\n hosts: [\"192.168.1.1:5044\"]\npath:\n data: C:\\Program Files\\Graylog\\sidecar\\cache\\winlogbeat\\data\n logs: C:\\Program Files\\Graylog\\sidecar\\logs\ntags:\n - windows\nwinlogbeat:\n event_logs:\n - name: Application\n - name: System\n - name: Security" } }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "00148b53-1876-414e-81e8-875ba243a028", "data": { "name": "HOSTNAME", "pattern": "\\b(?:[0-9A-Za-z][0-9A-Za-z-]{0,62})(?:\\.(?:[0-9A-Za-z][0-9A-Za-z-]{0,62}))*(\\.?|\\b)" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "4d5a33f8-83f7-4a4e-9be9-0bf62c2bc533", "data": { "name": "DATE_US", "pattern": "%{MONTHNUM}[/-]%{MONTHDAY}[/-]%{YEAR}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "5cb8080d-ef7c-48f7-bc8b-e284a114a5ec", "data": { "name": "HOUR", "pattern": "(?:2[0123]|[01]?[0-9])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "e54f322e-ac39-49bf-b7c5-b53c70a561a0", "data": { "name": "HTTPD24_ERRORLOG", "pattern": "\\[%{HTTPDERROR_DATE:timestamp}\\] \\[%{WORD:module}:%{LOGLEVEL:loglevel}\\] \\[pid %{POSINT:pid}:tid %{NUMBER:tid}\\]( \\(%{POSINT:proxy_errorcode}\\)%{DATA:proxy_errormessage}:)?( \\[client %{IPORHOST:client}:%{POSINT:clientport}\\])? %{DATA:errorcode}: %{GREEDYDATA:message}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "73ed17b1-3992-4783-aee0-47f31e506a00", "data": { "name": "POSINT", "pattern": "\\b(?:[1-9][0-9]*)\\b" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "1ba2d36b-bbff-4337-9e13-acd9e1674285", "data": { "name": "URIPARAM", "pattern": "\\?[A-Za-z0-9$.+!*'|(){},~@#%&/=:;_?\\-\\[\\]<>]*" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "007a7e1b-b888-4d34-870c-66a3b7f91b97", "data": { "name": "EMAILLOCALPART", "pattern": "[a-zA-Z][a-zA-Z0-9_.+-=:]+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "984cce84-823c-45c9-8d53-9bbd61ff4685", "data": { "name": "EMAILADDRESS", "pattern": "%{EMAILLOCALPART}@%{HOSTNAME}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "858f1b4a-4a7b-483b-bfa2-5e0bae6ec03a", "data": { "name": "TTY", "pattern": "(?:/dev/(pts|tty([pq])?)(\\w+)?/?(?:[0-9]+))" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "67be690a-928f-48cc-93d1-c9e06b09582e", "data": { "name": "DATESTAMP_RFC822", "pattern": "%{DAY} %{MONTH} %{MONTHDAY} %{YEAR} %{TIME} %{TZ}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "6faa1684-62f9-45a8-b5d1-ea4aa49d15d6", "data": { "name": "URIHOST", "pattern": "%{IPORHOST}(?::%{POSINT:port})?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "1ccb050a-8430-48dc-8ec9-d2fc754c483b", "data": { "name": "HTTPDATE", "pattern": "%{MONTHDAY}/%{MONTH}/%{YEAR}:%{TIME} %{INT}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "35f9f5a9-6b44-4dc1-853c-f3ffa2504c03", "data": { "name": "SYSLOGPROG", "pattern": "%{PROG:program}(?:\\[%{POSINT:pid}\\])?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "22ccfac1-ba47-4c9c-9349-04f6fdca1748", "data": { "name": "WINDOWSMAC", "pattern": "(?:(?:[A-Fa-f0-9]{2}-){5}[A-Fa-f0-9]{2})" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "fdb9dee3-a9bf-4132-aa21-7c8d987481b9", "data": { "name": "TIMESTAMP_ISO8601", "pattern": "%{YEAR}-%{MONTHNUM}-%{MONTHDAY}[T ]%{HOUR}:?%{MINUTE}(?::?%{SECOND})?%{ISO8601_TIMEZONE}?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "sidecar_collector", "version": "1" }, "id": "f30d09f1-90c2-4375-9ecb-89ce13e20915", "data": { "name": { "@type": "string", "@value": "filebeat" }, "service_type": { "@type": "string", "@value": "svc" }, "node_operating_system": { "@type": "string", "@value": "windows" }, "executable_path": { "@type": "string", "@value": "C:\\Program Files\\Graylog\\sidecar\\filebeat.exe" }, "execute_parameters": { "@type": "string", "@value": "-c \"%s\"" }, "validation_parameters": { "@type": "string", "@value": "test config -c \"%s\"" }, "default_template": { "@type": "string", "@value": "# Needed for Graylog\nfields_under_root: true\nfields.collector_node_id: ${sidecar.nodeName}\nfields.gl2_source_collector: ${sidecar.nodeId}\n\noutput.logstash:\n hosts: [\"192.168.1.1:5044\"]\npath:\n data: C:\\Program Files\\Graylog\\sidecar\\cache\\filebeat\\data\n logs: C:\\Program Files\\Graylog\\sidecar\\logs\ntags:\n - windows\nfilebeat.inputs:\n- type: log\n enabled: true\n paths:\n - C:\\logs\\log.log\n" } }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "320c2c19-1e1a-4c27-bc8b-547896b56e7e", "data": { "name": "BASE10NUM", "pattern": "(?<![0-9.+-])(?>[+-]?(?:(?:[0-9]+(?:\\.[0-9]+)?)|(?:\\.[0-9]+)))" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "d008f6e1-1c14-447e-bacc-8e86accde5f7", "data": { "name": "HTTPD20_ERRORLOG", "pattern": "\\[%{HTTPDERROR_DATE:timestamp}\\] \\[%{LOGLEVEL:loglevel}\\] (?:\\[client %{IPORHOST:clientip}\\] ){0,1}%{GREEDYDATA:errormsg}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "dceff2d8-677f-406e-bf4f-1973aee060a5", "data": { "name": "COMBINEDAPACHELOG", "pattern": "%{COMMONAPACHELOG} %{QS:referrer} %{QS:agent}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "ec726ca4-ac9d-4917-8c2a-da8e2499e85a", "data": { "name": "DATESTAMP_RFC2822", "pattern": "%{DAY}, %{MONTHDAY} %{MONTH} %{YEAR} %{TIME} %{ISO8601_TIMEZONE}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "9bdc4061-bee8-4902-bde2-5eb17759c36c", "data": { "name": "ISO8601_TIMEZONE", "pattern": "(?:Z|[+-]%{HOUR}(?::?%{MINUTE}))" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "0be7b9d1-f719-4ef7-a8aa-32906922122f", "data": { "name": "UNIXPATH", "pattern": "(/([\\w_%!$@:.,~-]+|\\\\.)*)+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "22dc7fae-412c-4026-adad-0b71bfa2cba5", "data": { "name": "UUID", "pattern": "[A-Fa-f0-9]{8}-(?:[A-Fa-f0-9]{4}-){3}[A-Fa-f0-9]{12}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "14bb404e-afae-4119-9b18-96e0e1df3355", "data": { "name": "SPACE", "pattern": "\\s*" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "3d93cd19-e88b-4487-b542-e1bdf9075473", "data": { "name": "USERNAME", "pattern": "[a-zA-Z0-9._-]+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "53b67c38-ba8a-4844-8e16-ec73be53e53f", "data": { "name": "BASE16FLOAT", "pattern": "\\b(?<![0-9A-Fa-f.])(?:[+-]?(?:0x)?(?:(?:[0-9A-Fa-f]+(?:\\.[0-9A-Fa-f]*)?)|(?:\\.[0-9A-Fa-f]+)))\\b" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "1c35883d-79f1-4ac5-bfbd-4de46b93b038", "data": { "name": "URI", "pattern": "%{URIPROTO}://(?:%{USER}(?::[^@]*)?@)?(?:%{URIHOST})?(?:%{URIPATHPARAM})?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "037050ff-4fc7-4ab6-ae28-5992be37be17", "data": { "name": "URIPATH", "pattern": "(?:/[A-Za-z0-9$.+!*'(){},~:;=@#%_\\-]*)+" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "da9d35c7-6045-4f24-9ed6-db09aac6499a", "data": { "name": "DATESTAMP_EVENTLOG", "pattern": "%{YEAR}%{MONTHNUM2}%{MONTHDAY}%{HOUR}%{MINUTE}%{SECOND}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "438cd268-259b-48f1-b65d-62febe312acd", "data": { "name": "HTTPD_ERRORLOG", "pattern": "%{HTTPD20_ERRORLOG}|%{HTTPD24_ERRORLOG}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "0de2450e-258b-48bc-8256-5d86fa63e96d", "data": { "name": "SYSLOGBASE", "pattern": "%{SYSLOGTIMESTAMP:timestamp} (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{SYSLOGPROG}:" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "fe10b676-42be-422a-a7cf-6cd5d3710316", "data": { "name": "HTTPDUSER", "pattern": "%{EMAILADDRESS}|%{USER}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "8d4d1366-010f-47ff-b456-12acbf571fb0", "data": { "name": "MONTHNUM2", "pattern": "(?:0[1-9]|1[0-2])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "157039a0-0020-44d5-8560-409727f8843f", "data": { "name": "MONTH", "pattern": "\\b(?:Jan(?:uary|uar)?|Feb(?:ruary|ruar)?|M(?:a|ä)?r(?:ch|z)?|Apr(?:il)?|Ma(?:y|i)?|Jun(?:e|i)?|Jul(?:y)?|Aug(?:ust)?|Sep(?:tember)?|O(?:c|k)?t(?:ober)?|Nov(?:ember)?|De(?:c|z)(?:ember)?)\\b" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "b63bd64b-a2f6-427d-a375-ad69c6ab4f9f", "data": { "name": "YEAR", "pattern": "(?>\\d\\d){1,2}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "cf0c76bf-4af8-4df5-9d1f-180153aac612", "data": { "name": "IPV6", "pattern": "((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}))|:)))(%.+)?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "ce76d569-9056-4612-b066-ae4a8cd5fe10", "data": { "name": "SYSLOGHOST", "pattern": "%{IPORHOST}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "sidecar_collector", "version": "1" }, "id": "30a4bf82-5c63-40ee-a947-19551aabdadd", "data": { "name": { "@type": "string", "@value": "nxlog" }, "service_type": { "@type": "string", "@value": "exec" }, "node_operating_system": { "@type": "string", "@value": "linux" }, "executable_path": { "@type": "string", "@value": "/usr/bin/nxlog" }, "execute_parameters": { "@type": "string", "@value": "-f -c %s" }, "validation_parameters": { "@type": "string", "@value": "-v -c %s" }, "default_template": { "@type": "string", "@value": "define ROOT /usr/bin\n\n<Extension gelfExt>\n Module xm_gelf\n # Avoid truncation of the short_message field to 64 characters.\n ShortMessageLength 65536\n</Extension>\n\n<Extension syslogExt>\n Module xm_syslog\n</Extension>\n\nUser nxlog\nGroup nxlog\n\nModuledir /usr/lib/nxlog/modules\nCacheDir /var/spool/nxlog/data\nPidFile /var/run/nxlog/nxlog.pid\nLogFile /var/log/nxlog/nxlog.log\nLogLevel INFO\n\n\n<Input file>\n\tModule im_file\n\tFile '/var/log/*.log'\n\tPollInterval 1\n\tSavePos\tTrue\n\tReadFromLast True\n\tRecursive False\n\tRenameCheck False\n\tExec $FileName = file_name(); # Send file name with each message\n</Input>\n\n#<Input syslog-udp>\n#\tModule im_udp\n#\tHost 127.0.0.1\n#\tPort 514\n#\tExec parse_syslog_bsd();\n#</Input>\n\n<Output gelf>\n\tModule om_tcp\n\tHost 192.168.1.1\n\tPort 12201\n\tOutputType GELF_TCP\n\t<Exec>\n\t # These fields are needed for Graylog\n\t $gl2_source_collector = '${sidecar.nodeId}';\n\t $collector_node_id = '${sidecar.nodeName}';\n\t</Exec>\n</Output>\n\n\n<Route route-1>\n Path file => gelf\n</Route>\n#<Route route-2>\n# Path syslog-udp => gelf\n#</Route>\n\n\n" } }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "9084046b-5fdb-492b-ae8c-194dc2600739", "data": { "name": "DATE_EU", "pattern": "%{MONTHDAY}[./-]%{MONTHNUM}[./-]%{YEAR}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "68ab0925-f0bb-4620-8982-7cb93c544e84", "data": { "name": "HOSTPORT", "pattern": "%{IPORHOST}:%{POSINT}" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "a142e740-27a9-49a0-906b-764b6807734c", "data": { "name": "MINUTE", "pattern": "(?:[0-5][0-9])" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "f3b69a79-7052-4aa5-83d6-64b855997034", "data": { "name": "SYSLOGFACILITY", "pattern": "<%{NONNEGINT:facility}.%{NONNEGINT:priority}>" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] }, { "v": "1", "type": { "name": "grok_pattern", "version": "1" }, "id": "7f128254-bc48-4047-baca-c034e257cd94", "data": { "name": "URIPROTO", "pattern": "[A-Za-z]+(\\+[A-Za-z+]+)?" }, "constraints": [ { "type": "server-version", "version": ">=4.0.5+d95b909" } ] } ]}
|
