# Source: github.com/crowdsecurity/crowdsec@v1.6.1/pkg/parser/tests/base-grok-import/test.yaml
#
# Parser test fixture. `lines` holds the events fed to the parser and `results`
# holds the events expected back; the expected events are listed in the same
# order as the inputs. Two inputs have the `<facility.priority>` shape and one
# does not, so the fixture covers both the match and the no-match path.

# these are the events we input into the parser
lines:
  - Line:
      Labels:
        # this label will be checked by a filter (the parser config holding
        # that filter is not part of this file)
        type: testlog
      # positive case: expected to yield facility 123 / priority 120 below
      Raw: <123.120>
  - Line:
      # NOTE(review): the original comment here read "see tricky case : first
      # one is nginx via syslog, the second one is local nginx", but nothing in
      # this fixture is an nginx log; it looks copied from another test, confirm.
      Labels:
        # this label will be checked by a filter
        type: testlog
      # positive case: same shape as the first line, priority differs (121)
      Raw: <123.121>
  - Line:
      # NOTE(review): same nginx comment as on the previous entry in the
      # original; it does not describe this input either, confirm.
      Labels:
        # this label will be checked by a filter
        type: testlog
      # negative case: carries the same label as the lines above but does not
      # have the `<facility.priority>` shape
      Raw: XXXX
# these are the results we expect from the parser
results:
  # expected event for Raw `<123.120>`
  - Meta:
      log_type: parsed_testlog
    Parsed:
      facility: 123
      priority: 120
    Enriched:
      # static value; presumably set by the parser node under test, confirm
      # against the parser config
      subgrok_static_why_is_it_still_here: because
    Process: true
    Stage: s00-raw
  # expected event for Raw `<123.121>`
  - Meta:
      log_type: parsed_testlog
    Parsed:
      facility: 123
      priority: 121
    Enriched:
      subgrok_static_why_is_it_still_here: because
    Process: true
    Stage: s00-raw
  # expected event for Raw `XXXX`: Process is false and no Meta, Parsed or
  # Enriched fields are expected, i.e. the non-matching line must come out of
  # s00-raw with the raw text only and without extracted fields
  - Process: false
    Stage: s00-raw
    Line:
      Raw: XXXX