You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 lines
495 B
8 lines
495 B
[set_sourcetype_omniswitch]
|
|
SOURCE_KEY = MetaData:Host
|
|
REGEX = .*
|
|
FORMAT = sourcetype::alcatel_omniswitch
|
|
|
|
[extract_alcatel_fields]
|
|
REGEX = ^(?<date>\w+\s+\d+\s+\d+:\d+:\d+)\s+(?<hostname>\S+)\s+(?<process>\S+)\s+(?<sub_process>\S+)\s+(?<log_level>\S+):\s+(?<event_info>.*?)(?:(?<cmd>\b(?:cmd|cmdHy):\d+))?(?:,\s+(?<zport>\bzport:\d+))?(?:,\s+(?<apMedia>\bapMedia:\d+))?
|
|
FORMAT = date::$1 hostname::$2 process::$3 sub_process::$4 log_level::$5 event_info::$6 cmd::$7 zport::$8 apMedia::$9 |