filebeat-plugin-nftables-log

command module
v0.0.0-...-2dd6ac7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 8, 2020 License: LGPL-3.0 Imports: 10 Imported by: 0

README

Processor

Beats processor for parsing Linux nftables log messages

Building

Type make That should build a shared library like filebeat-plugin-nftables-log-linux-amd64.so under Linux, or filebeat-plugin-nftables-log.dll under Windows

Running

Run filebeat --plugin <path to sharedlibrary>

Configuration

This processor supports three settings:

  • "field": the name of the field where the nftables log is stored. By default, the value is "message"
  • "marker": text before the firewall log. This is the "prefix" configured in nftables log statement.
  • "target": the name of the field where the fields found are stored. By default, they are stored in the root (the value is "").
  • "overwrite_keys": if "target" is defined, whether to overwrite it, when it already exists

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.