github.com/crowdsecurity/crowdsec@v1.6.1/pkg/parser/tests/base-grok-expression/test.yaml

github.com/crowdsecurity/crowdsec@v1.6.1/pkg/parser/tests/base-grok-expression/test.yaml (about)

     1  #these are the events we input into parser
     2  lines:
     3    - Line:
     4        Labels:
     5          #this one will be checked by a filter
     6          type: testlog
     7        Raw: xxheader VALUE1 trailing stuff
     8    - Line:
     9    #see tricky case : first one is nginx via syslog, the second one is local nginx :)
    10        Labels:
    11          #this one will be checked by a filter
    12          type: testlog
    13        Raw: xxheader VALUE2 trailing stuff
    14  #these are the results we expect from the parser
    15  results:
    16    - Meta:
    17        log_type: parsed_testlog
    18      Parsed:
    19        extracted_value: VALUE1
    20      Process: true
    21      Stage: s00-raw
    22    - Meta:
    23        log_type: parsed_testlog
    24      Parsed:
    25        extracted_value: VALUE2
    26      Process: true
    27      Stage: s00-raw
    28