github.com/crowdsecurity/crowdsec@v1.6.1/pkg/parser/tests/base-grok/base-grok.yaml

github.com/crowdsecurity/crowdsec@v1.6.1/pkg/parser/tests/base-grok/base-grok.yaml (about)

     1  filter: "evt.Line.Labels.type == 'testlog'"
     2  debug: true
     3  onsuccess: next_stage
     4  name: tests/base-grok
     5  pattern_syntax:
     6    MYCAP1: ".*"
     7  nodes:
     8    - grok:
     9        pattern: ^xxheader %{MYCAP1:extracted_value} trailing stuff$
    10        apply_on: Line.Raw
    11  statics:
    12    - meta: log_type
    13      value: parsed_testlog
    14