Uploaded image for project: 'Metron (Retired)'
  1. Metron (Retired)
  2. METRON-1453

Create a Generic Syslog Base Parser Capability

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Done
    • Major
    • Resolution: Done
    • None
    • None
    • None

    Description

      We have several parsers now, with many imaginable that are based on syslog, where the format is SYSLOG HEADER MESSAGE.

      With message being in a different format.  It would be great is we

      had a way to generically handle syslog headers, such that ANY parser data could come over syslog.

      Either you could have a custom parser, or configure CSV or JSON such that they could be the payload, such that you can handle JSON over syslog by configuration only.

       

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1175

          There are no Sub-Tasks for this issue.

          Activity

            People

              otto Otto Fowler
              otto Otto Fowler
              Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 2h 40m
                  2h 40m