Mercurial > logstash

diff logstash.conf @ 5:6b7beb807d14

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add dnsbl patterns
author Carl Byington <carl@five-ten-sg.com>
date Fri, 22 Mar 2013 10:31:48 -0700
parents 796ac0b50dbf
children 97712c48f7fe
line wrap: on
line diff
--- a/logstash.conf	Thu Mar 07 21:24:02 2013 -0800
+++ b/logstash.conf	Fri Mar 22 10:31:48 2013 -0700
@@ -29,17 +29,17 @@
 filter {
     grok {
         type => "sendmail"
-        pattern => "%{SENDMAIL}"
+        pattern => [ "%{DNSBL}", "%{SENDMAIL}" ]
         patterns_dir => "/var/lib/logstash/data/patterns"
     }
     grep {
         type => "sendmail"
-        match => [ "program", "sendmail" ]
+        match => [ "program", "sendmail|dnsbl" ]
     }
     grep {
         type => "sendmail"
         negate => true
-        match => [ "message", "^(M|m)ilter" ]
+        match => [ "program", "sendmail", "message", "^(M|m)ilter" ]
     }
 
     grok {