Feature #307: Additional prefix-regex to deal with apache error_log file format - Prelude-LML - UNITY 360

Feature #307

Additional prefix-regex to deal with apache error_log file format

Added by over 15 years ago. Updated almost 15 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Yoann VANDOORSELAERE

Target version:

0.9.13

Start date:

Due date:

% Done:

Resolution:

fixed

Description

Current prelude-lml configuration has httpd.rules that deal with errors in apache logs but [format=apache] section in prelude-lml.conf deals with only common log format, not error log format. So nobody is able to parse errors since prelude-lml.conf doesn't match them. Here're the additions to prelude-lml.conf (I added additional blank lines, so remove them):

[format=apache-error]
time-format = "%a %b %d %H:%M:%S %Y" 
prefix-regex = "^\[(?P<timestamp>.{24})\] \S+ \[client (?P<hostname>\S+)\] " 
file = /var/log/httpd/error_log

History

#1 Updated by Yoann VANDOORSELAERE over 15 years ago

Status changed from New to Assigned

#2 Updated by Yoann VANDOORSELAERE over 15 years ago

Status changed from Assigned to Closed
Resolution set to fixed

Fixed in r10887.

#3 Updated by Yoann VANDOORSELAERE almost 15 years ago

Project changed from PRELUDE SIEM to Prelude-LML
Category deleted (4)
Target version deleted (~~0.9.13~~)

Also available in: Atom PDF

Project

General

Profile