Coder Social home page Coder Social logo

audit_log_parser's Introduction

audit_log_parser's People

Contributors

winebarrel avatar

Stargazers

avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

chriscz satyavadali dg-i pyama86

audit_log_parser's Issues

Feature request: Store raw data before parsing

Thanks so much for making this parser, it is exactly what I was looking for. My only additional hope is to retain the audit log in its raw form as well.

I have tried to chain this filter together with another filter like this:

<source>
  @type tail
  format none
  path /var/log/audit/audit.log
  read_from_head false
  tag audit
</source>

<filter audit>
  @type record_transformer
  <record>
    raw_message ${record["message"]}
  </record>
</filter>

<filter audit>
  @type parse_audit_log #fluent-plugin-filter-parse-audit-log
</filter>

But if I do the record_transformer before the parse_audit_log my new raw_message field is lost, and if I do it after, then there is no message field to copy from any more so it is set to null.

In an ideal world, I would have three fields under the json payload like:

jsonPayload: {
raw_message: "type=SYSCALL msg=audit(1611581847.881:273): ........."
body: {1}
header: {2}

Thanks

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.