1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
datetime,timestamp_desc,source,source_long,message,parser,display_name,tag
2012-01-22T07:52:33.000000+00:00,Content Modification Time,LOG,Log File,[client pid: 30840] INFO No change in [/etc/netgroup]. Done,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-01-22T07:52:33.000000+00:00,Content Modification Time,LOG,Log File,[client pid: 30840] INFO No new content in ímynd.dd.,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-01-22T07:53:01.000000+00:00,Content Modification Time,LOG,Cron log,Cron ran: touch /var/run/crond.somecheck for user: root pid: 31051,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-01-22T07:54:01.000000+00:00,Content Modification Time,LOG,Cron log,Cron ran: /sbin/status.mycheck) for user: root pid: 31067,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-01-22T07:54:01.000000+00:00,Content Modification Time,LOG,Cron log,Cron ran: touch /var/run/crond.somecheck for user: root pid: 31068,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-01-22T07:54:32.000000+00:00,Content Modification Time,LOG,Log File,[Job] `cron.daily' terminated,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-02-29T01:15:43.000000+00:00,Content Modification Time,LOG,Log File,[---] testing leap year in parsing events take place in 2012 ---,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2012-12-18T17:54:32.000000+00:00,Content Modification Time,LOG,Log File,[anacron pid: 1234] No true exit can exist (124 job run),text/syslog_traditional,OS:/tmp/test/test_data/syslog,exit1 exit2
2013-03-23T23:01:18.000000+00:00,Content Modification Time,LOG,Log File,[somrandomexe pid: 1915] This syslog message is brought to you by me (and not the other guy),text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2013-03-23T23:01:18.000000+00:00,Content Modification Time,LOG,Log File,[somrandomexe pid: 19] This syslog message has a fractional value for seconds.,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2013-11-18T01:15:20.000000+00:00,Content Modification Time,LOG,Log File,[aprocess pid: 10100] This is a multi-line message that screws up many syslog parsers.,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2013-12-31T17:54:32.000000+00:00,Content Modification Time,LOG,Log File,[/sbin/anacron pid: 1234] Another one just like this (124 job run),text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2014-02-06T15:16:30.000000+00:00,Content Modification Time,LOG,Log File,[process pid: 2085] Test message with single character day,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2014-11-18T01:15:43.000000+00:00,Content Modification Time,LOG,Log File,[---] last message repeated 5 times ---,text/syslog_traditional,OS:/tmp/test/test_data/syslog,repeated
2014-11-18T08:30:20.000000+00:00,Content Modification Time,LOG,Log File,[kernel] [997.390602] sda2: rw=0 want=65 limit=2,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2014-11-18T08:31:20.000000+00:00,Content Modification Time,LOG,Log File,[kernel] [998.390602] sda2: rw=0 want=66 limit=2,text/syslog_traditional,OS:/tmp/test/test_data/syslog,-
2023-03-27T03:47:03.767381+00:00,Content Modification Time,FILE,File stat,OS:/tmp/test/test_data/syslog Type: file Owner identifier: 1000 Group identifier: 1000 Mode: 0o644 Number of links: 1,filestat,OS:/tmp/test/test_data/syslog,-
2023-03-27T03:47:03.767381+00:00,Metadata Modification Time,FILE,File stat,OS:/tmp/test/test_data/syslog Type: file Owner identifier: 1000 Group identifier: 1000 Mode: 0o644 Number of links: 1,filestat,OS:/tmp/test/test_data/syslog,-
2023-03-27T03:47:05.830383+00:00,Last Access Time,FILE,File stat,OS:/tmp/test/test_data/syslog Type: file Owner identifier: 1000 Group identifier: 1000 Mode: 0o644 Number of links: 1,filestat,OS:/tmp/test/test_data/syslog,-
2023-03-27T03:47:08.884386+00:00,Last Access Time,FILE,File stat,OS:/tmp/test/test_data/syslog Type: file Owner identifier: 1000 Group identifier: 1000 Mode: 0o644 Number of links: 1,filestat,OS:/tmp/test/test_data/syslog,-
|
