bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/config/patterns/haproxy

bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/config/patterns/haproxy (about)

     1  ## These patterns were tested w/ haproxy-1.4.15
     2  
     3  ## Documentation of the haproxy log formats can be found at the following links:
     4  ## http://code.google.com/p/haproxy-docs/wiki/HTTPLogFormat
     5  ## http://code.google.com/p/haproxy-docs/wiki/TCPLogFormat
     6  
     7  HAPROXYTIME %{HOUR:haproxy_hour}:%{MINUTE:haproxy_minute}(?::%{SECOND:haproxy_second})
     8  HAPROXYDATE %{MONTHDAY:haproxy_monthday}/%{MONTH:haproxy_month}/%{YEAR:haproxy_year}:%{HAPROXYTIME:haproxy_time}.%{INT:haproxy_milliseconds}
     9  
    10  # Override these default patterns to parse out what is captured in your haproxy.cfg
    11  HAPROXYCAPTUREDREQUESTHEADERS %{DATA:captured_request_headers}
    12  HAPROXYCAPTUREDRESPONSEHEADERS %{DATA:captured_response_headers}
    13  
    14  # Example:
    15  #  These haproxy config lines will add data to the logs that are captured
    16  #  by the patterns below. Place them in your custom patterns directory to
    17  #  override the defaults.
    18  #
    19  #  capture request header Host len 40
    20  #  capture request header X-Forwarded-For len 50
    21  #  capture request header Accept-Language len 50
    22  #  capture request header Referer len 200
    23  #  capture request header User-Agent len 200
    24  #
    25  #  capture response header Content-Type len 30
    26  #  capture response header Content-Encoding len 10
    27  #  capture response header Cache-Control len 200
    28  #  capture response header Last-Modified len 200
    29  #
    30  # HAPROXYCAPTUREDREQUESTHEADERS %{DATA:request_header_host}\|%{DATA:request_header_x_forwarded_for}\|%{DATA:request_header_accept_language}\|%{DATA:request_header_referer}\|%{DATA:request_header_user_agent}
    31  # HAPROXYCAPTUREDRESPONSEHEADERS %{DATA:response_header_content_type}\|%{DATA:response_header_content_encoding}\|%{DATA:response_header_cache_control}\|%{DATA:response_header_last_modified}
    32  
    33  # parse a haproxy 'httplog' line
    34  HAPROXYHTTPBASE %{IP:client_ip}:%{INT:client_port} \[%{HAPROXYDATE:accept_date}\] %{NOTSPACE:frontend_name} %{NOTSPACE:backend_name}/%{NOTSPACE:server_name} %{INT:time_request}/%{INT:time_queue}/%{INT:time_backend_connect}/%{INT:time_backend_response}/%{NOTSPACE:time_duration} %{INT:http_status_code} %{NOTSPACE:bytes_read} %{DATA:captured_request_cookie} %{DATA:captured_response_cookie} %{NOTSPACE:termination_state} %{INT:actconn}/%{INT:feconn}/%{INT:beconn}/%{INT:srvconn}/%{NOTSPACE:retries} %{INT:srv_queue}/%{INT:backend_queue} (\{%{HAPROXYCAPTUREDREQUESTHEADERS}\})?( )?(\{%{HAPROXYCAPTUREDRESPONSEHEADERS}\})?( )?"(<BADREQ>|(%{WORD:http_verb} (%{URIPROTO:http_proto}://)?(?:%{USER:http_user}(?::[^@]*)?@)?(?:%{URIHOST:http_host})?(?:%{URIPATHPARAM:http_request})?( HTTP/%{NUMBER:http_version})?))?"
    35  
    36  HAPROXYHTTP (?:%{SYSLOGTIMESTAMP:syslog_timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) %{IPORHOST:syslog_server} %{SYSLOGPROG}: %{HAPROXYHTTPBASE}
    37  
    38  # parse a haproxy 'tcplog' line
    39  HAPROXYTCP (?:%{SYSLOGTIMESTAMP:syslog_timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) %{IPORHOST:syslog_server} %{SYSLOGPROG}: %{IP:client_ip}:%{INT:client_port} \[%{HAPROXYDATE:accept_date}\] %{NOTSPACE:frontend_name} %{NOTSPACE:backend_name}/%{NOTSPACE:server_name} %{INT:time_queue}/%{INT:time_backend_connect}/%{NOTSPACE:time_duration} %{NOTSPACE:bytes_read} %{NOTSPACE:termination_state} %{INT:actconn}/%{INT:feconn}/%{INT:beconn}/%{INT:srvconn}/%{NOTSPACE:retries} %{INT:srv_queue}/%{INT:backend_queue}