Skip to content

Commit

Permalink
Added addtional date parsing for SWG formats
Browse files Browse the repository at this point in the history
  • Loading branch information
@brian-grabau
brian-grabau committed Aug 19, 2024
1 parent 561a2a8 commit 548878d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion config/processors/syslog_security_skyhigh.swg.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ if [tmp_csv] !~ "\w,\w" {
date {
# "26/aug/2020:19:35:09.533 +0000"
# ts=[12/oct/2020:17:24:01 +0000]
match => ["[event][created]", "ISO8601","MMM dd HH:mm:ss","dd/MMM/yyyy:HH:mm:ss ZZ" ]
match => ["[event][created]", "ISO8601" , "dd/MMM/yyyy:HH:mm:ss Z", "MMM dd HH:mm:ss","dd/MMM/yyyy:HH:mm:ss ZZ" ]
timezone => "GMT"
locale => "en"
target => "[event][created]"
Expand Down

0 comments on commit 548878d

Please sign in to comment.