Project

General

Profile

User story #11107

Compliance logfile parsing regex

Added by Janos Mattyasovszky 5 months ago. Updated 3 months ago.

Status:
Released
Priority:
N/A
Category:
Documentation
Target version:
Target version (plugin):
Suggestion strength:
User visibility:
Effort required:

Description

Hi,

At https://www.rudder-project.org/doc-4.1/_monitoring.html#_monitor_events you have a format for Logstash parsing of non-compliant-reports.log.

You might want to add the generic regex-formatted parsing (which could be used for other similar log-processing frameworks):

^\[(?P<Date>[^\]]+)\] N: (?P<NodeUUID>[^ ]+) \[(?P<NodeFQDN>[^\]]+)\] S: \[(?P<Result>[^\]]+)\] R: (?P<RuleUUID>[^ ]+) \[(?P<RuleName>[^\]]+)\] D: (?P<DirectiveUUID>[^ ]+) \[(?P<DirectiveName>[^\]]+)\] T: (?P<TechniqueName>[^/]+)/(?P<TechniqueVersion>[^ ]+) C: \[(?P<ComponentName>[^\]]+)\] V: \[(?P<ComponentKey>[^\]]+)\] (?P<Message>.+)$

Associated revisions

Revision a279164a
Added by Alexis MOUSSET 5 months ago

Fixes #11107: Compliance logfile parsing regex

History

#1 Updated by Alexis MOUSSET 5 months ago

  • Assignee set to Alexis MOUSSET
  • Target version set to 3.1.22

#2 Updated by Alexis MOUSSET 5 months ago

  • Status changed from New to In progress

#3 Updated by Alexis MOUSSET 5 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis MOUSSET to Nicolas CHARLES
  • Pull Request set to https://github.com/Normation/rudder-doc/pull/354

#4 Updated by Alexis MOUSSET 4 months ago

  • Status changed from Pending technical review to Pending release

#5 Updated by Vincent MEMBRÉ 3 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 3.1.22, 4.1.6 and 4.2.0~beta3 which were released today.

Also available in: Atom PDF