Skip to content

Commit

Permalink
Reorder headers for infoblox module (#23273) (#23293)
Browse files Browse the repository at this point in the history
* Reorder headers for infoblox module

This reorders the syslog headers parsers for the infoblox/nios dataset
so that the simpler header is picked up first. Otherwise it will
fail to properly parse logs.

Fixes #23272

* Changelog entry

(cherry picked from commit 27d0f08)
  • Loading branch information
adriansr authored Dec 28, 2020
1 parent 37a0583 commit 0dc3fc6
Show file tree
Hide file tree
Showing 6 changed files with 1,079 additions and 1,012 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix Cisco ASA/FTD module's parsing of WebVPN log message 716002. {pull}22966[22966]
- Add support for organization and custom prefix in AWS/CloudTrail fileset. {issue}23109[23109] {pull}23126[23126]
- Simplify regex for organization custom prefix in AWS/CloudTrail fileset. {issue}23203[23203] {pull}23204[23204]
- Fix syslog header parsing in infoblox module. {issue}23272[23272] {pull}23273[23273]

*Heartbeat*

Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/infoblox/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@
This is a module for Infoblox NIOS logs.

Autogenerated from RSA NetWitness log parser 2.0 XML infobloxnios version 134
at 2020-07-13 17:55:37.264156 +0000 UTC.
at 2020-12-23 15:19:50.215335 +0000 UTC.

20 changes: 10 additions & 10 deletions x-pack/filebeat/module/infoblox/nios/config/pipeline.js
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ function DeviceProcessor() {
}
}

var dup1 = match("HEADER#0:006/0", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{p0}");
var dup1 = match("HEADER#1:006/0", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{p0}");

var dup2 = setc("eventcategory","1401070000");

Expand Down Expand Up @@ -236,16 +236,20 @@ var dup77 = match_copy("MESSAGE#225:syslog", "nwparser.payload", "event_descript
dup62,
]));

var part1 = match("HEADER#0:006/1_0", "nwparser.p0", "%{hhostip} %{messageid}[%{data}]: %{p0}");
var hdr1 = match("HEADER#0:001", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{messageid}[%{data}]: %{payload}", processor_chain([
setc("header_id","001"),
]));

var part2 = match("HEADER#0:006/1_1", "nwparser.p0", "%{hhostip} %{messageid}: %{p0}");
var part1 = match("HEADER#1:006/1_0", "nwparser.p0", "%{hhostip} %{messageid}[%{data}]: %{p0}");

var part2 = match("HEADER#1:006/1_1", "nwparser.p0", "%{hhostip} %{messageid}: %{p0}");

var select1 = linear_select([
part1,
part2,
]);

var part3 = match_copy("HEADER#0:006/2", "nwparser.p0", "payload");
var part3 = match_copy("HEADER#1:006/2", "nwparser.p0", "payload");

var all1 = all_match({
processors: [
Expand All @@ -258,10 +262,6 @@ var all1 = all_match({
]),
});

var hdr1 = match("HEADER#1:001", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{messageid}[%{data}]: %{payload}", processor_chain([
setc("header_id","001"),
]));

var hdr2 = match("HEADER#2:005", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{hdata}: %{messageid->} %{payload}", processor_chain([
setc("header_id","005"),
]));
Expand Down Expand Up @@ -301,8 +301,8 @@ var hdr5 = match("HEADER#6:0005", "message", "%{month->} %{day->} %{time->} %{hh
]));

var select3 = linear_select([
all1,
hdr1,
all1,
hdr2,
all2,
hdr3,
Expand Down Expand Up @@ -3565,7 +3565,7 @@ var chain1 = processor_chain([
}),
]);

var hdr6 = match("HEADER#0:006/0", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{p0}");
var hdr6 = match("HEADER#1:006/0", "message", "%{month->} %{day->} %{time->} %{hhostname->} %{p0}");

var part324 = match("MESSAGE#19:dhcpd:18/0", "nwparser.payload", "%{} %{p0}");

Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/infoblox/nios/manifest.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ var:
- name: syslog_host
default: localhost
- name: syslog_port
default: 9532
default: 9512
- name: input
default: udp
- name: community_id
Expand Down
200 changes: 100 additions & 100 deletions x-pack/filebeat/module/infoblox/nios/test/generated.log
Original file line number Diff line number Diff line change
@@ -1,100 +1,100 @@
January 29 06:09:59 volup208.invalid eosquir: openvpn-master OpenVPN 1.5191 [igmp] [nulapari] mwritten
Feb 12 13:12:33 com1060.api.example 10.14.94.160 cloud_api[tur]: proxying request to atio5608.www5.localhost(10.202.204.154) eFini https://www.example.org/exe/iatu.jpg?orsitame=reprehe#rsitam ggp issusci
Feb 26 20:15:08 ptass3168.www5.example 10.62.40.126 netauto_core[taliqu]: ommod: Attempting CLI on devicescivelwith interface not in table, ip10.13.70.213
March 12 03:17:42 estqui6557.www.localhost -:syslog-ng equuntu
March 26 10:20:16 mcolabor1656.www5.corp 10.56.250.70 acpid[veleumi]: tia
Apr 9 17:22:51 tempo7542.api.host :debug tempor
April 24 00:25:25 Cice513.api.local 10.143.220.51 openvpn-member: read igmp [occ] ect (code=reetdolo)
May 8 07:27:59 obeataev7086.mail.invalid autfu: speedstep_control natura
May 22 14:30:33 nibusBon7400.localhost isiu: ErrorMsg success
June 5 21:33:08 iat1852.api.localdomain 10.64.155.245 ntpd_initres: ntpd exiting on signal 15
June 20 04:35:42 mquisnos5771.example ntpdate[etconsec]: adjust time server 10.104.111.129 offset 61.614000 sec
July 4 11:38:16 ite996.host kernel[umdo]: Linux version 1.3162 (umdolore) (eniam) reetdolo
July 18 18:40:50 enim2780.www.lan rc6[eriame]: lorema
August 2 01:43:25 atuse2703.localhost -:INFOBLOX-Grid Upgrade Complete
Aug 16 08:45:59 llumquid3933.internal.corp :ErrorMsg failure
August 30 15:48:33 emporinc5075.internal.host watchdog[atcu]: oremagna could not be opened, errno = ationu
September 13 22:51:07 strude910.internal.local 10.27.72.147 shutdown: shutting down for system reboot
September 28 05:53:42 fugit7668.www5.invalid -:ntpd_initres ntpd exiting on signal 15
October 12 12:56:16 lpa4844.www.home :ipmievd rudexerc
October 26 19:58:50 itaut7095.invalid 10.103.107.47 rc: executing ritatis start
November 10 03:01:24 icab4668.local :syslog-ng isaute
November 24 10:03:59 colabor1552.www5.local untut: phonehome lorumw
December 8 17:06:33 inima5444.www5.lan validate_dhcpd[nihi]: Lor
December 23 00:09:07 erc3217.internal.lan debug_mount[olupt]: mount modoco
January 6 07:11:41 giatquov383.domain :rcsysinit riat
January 20 14:14:16 uames499.internal.host isnostru: named accept on IPv4 interface lo1132, 10.45.25.68#1463
February 3 21:16:50 iineavo951.internal.test 10.25.192.202 rcsysinit[intoccae]: fsck from 1.2299
February 18 04:19:24 Loremip6417.mail.test emoeni: syslog oenimips
March 4 11:21:59 mnisist2347.mail.host 10.142.139.20 sSMTP[temveleu]: Sent mail for colabo (eme)
March 18 18:24:33 reetd6051.www.example -:db_jnld Resolved conflict for replicated delete of CNAME "maccusa" in zone "uptat"
April 2 01:27:07 xerci0.mail.example :init olorema
April 16 08:29:41 datatn5076.internal.example 10.122.46.71 snmptrapd: NET-SNMP version 1.2807 ihilm
April 30 15:32:16 ercit2385.internal.home rsyncd[run]: building file list
May 14 22:34:50 quisnos4590.mail.domain nnum: httpd eritqu
May 29 05:37:24 wri2784.api.domain hitect: restarting dol
June 12 12:39:58 asun1250.api.localdomain rc3[oluptate]: onseq
June 26 19:42:33 emoe6540.www.domain -:diskcheck itanimi
July 11 02:45:07 intoc2428.domain scheduled_backups[dantiumt]: Backup to luptasn was successful - Backup file equat
July 25 09:47:41 ento4488.www5.localhost eriamea: rc6 amre
August 8 16:50:15 boris5916.www5.example 10.2.53.125 controld[uioffi]: Distribution Complete
August 22 23:52:50 temqu3331.api.host ipi: phonehome reseos
September 6 06:55:24 iutali2138.www.localdomain db_jnld[liquide]: Resolved conflict for replicated delete of CNAME "etdol" in zone "uela"
September 20 13:57:58 radi1512.mail.example 10.101.74.101 openvpn-member: read rdp [ris] uamqu (code=lor)
October 4 21:00:32 quaturve2798.internal.localdomain :scheduled_backups Backup to sin was successful - Backup file rvel
October 19 04:03:07 onsecte7184.mail.domain uptasn: syslog-ng reme
November 2 11:05:41 eveli265.www5.localdomain nse: ipmievd non
Nov 16 18:08:15 derit4688.mail.localhost 10.57.42.152 cloud_api[didunt]: proxying request to uptatema6843.www.host(10.74.104.215) xeacomm https://internal.example.net/nofdeFin/sequam.txt?idex=mfugiat#nisiuta tcp rroquis
December 1 01:10:49 llumdolo4824.internal.lan -:shutdown shutting down for system reboot
December 15 08:13:24 evolup4403.local 10.121.203.60 INFOBLOX-Grid[smo]: Upgrade to etcons
December 29 15:15:58 tur90.www.home :rsyncd connect from ariatu4198.example (10.81.202.38)
January 12 22:18:32 nonn839.api.corp 10.35.99.92 smart_check_io: temquiav
January 27 05:21:06 adm7744.mail.domain 10.26.87.161 rcsysinit: isc
February 10 12:23:41 ios6980.example 10.246.64.161 watchdog: deny, pid = 845
February 24 19:26:15 osquira6030.internal.corp diskcheck[com]: tnulapa
March 11 02:28:49 squirati63.mail.lan watchdog[nbyCic]: utlabor
March 25 09:31:24 lup2134.www.localhost rc[upida]: executing tvolupt start
April 8 16:33:58 umdo4017.www.local snmptrapd[ati]: uine
April 22 23:36:32 loreme853.www5.localdomain ven: snmptrapd con
May 7 06:39:06 orumSe728.internal.test 10.157.18.252 openvpn-master[itess]: read icmp [evit]: runtm (code=molli)
May 21 13:41:41 oremi7400.www.local 10.219.233.80 acpid[ineavo]: pexe
June 4 20:44:15 ess651.test 10.95.66.217 in.tftpd[reprehen]: connection refused from 10.143.187.97
June 19 03:46:49 epre6970.www.example 10.53.43.139 serial_console[atatn]: RADIUS authentication succeeded for user temUt
July 3 10:49:23 tali7803.www.localdomain its: httpd ender
July 17 17:51:58 orumSe1495.www5.local :init dutp
August 1 00:54:32 veli2530.www.host -:init eumiure
August 15 07:57:06 uradi6198.test tiaec: ntpd frequency initialized success from psum
August 29 14:59:40 umSe1918.local itau: ntpd ntpd exiting on signal 2836
September 12 22:02:15 nBCSedut1502.www5.example :dhcpd received shutdown -/-/ failure
September 27 05:04:49 odoconse228.mail.localdomain veli: syslog-ng tenim
October 11 12:07:23 miurerep1152.internal.domain -:pidof can't read sid from utlab
October 25 19:09:57 cteturad4074.mail.host nreprehe: validate_dhcpd tetu
November 9 02:12:32 itation6137.home osqui: debug_mount mount sequat
sshd: Sleep 60 seconds for slowing down ssh login
December 7 16:17:40 dun1276.api.localdomain inimveni: ntpd time slew failure
December 21 23:20:14 iquidexe304.mail.test 10.195.64.5 smart_check_io: oreetd
January 5 06:22:49 moenimi2558.mail.domain :radiusd gna
Jan 19 13:25:23 preh2690.api.localdomain captured_dns_uploader[mac]: qui
February 2 20:27:57 rem3032.mail.domain 10.203.65.161 kernel: Linux version 1.7214 (ica) (lillum) remips
February 17 03:30:32 tetur2694.mail.local ipi: openvpn-member OpenVPN 1.7727 [ipv6-icmp] [uaeab] itinv
March 3 10:33:06 utaliqu6138.mail.localhost nvolupt: pidof can't read sid from oremi
March 17 17:35:40 niamqui7678.invalid -:scheduled_scp_backups Scheduled backup to the pid was successful - Backup file rExc
April 1 00:38:14 tame4953.mail.localhost prehen: restarting ntutlabo
April 15 07:40:49 loi7596.www5.home 10.31.177.226 scheduled_backups[deserun]: Backup to esseq was successful - Backup file adminima
Apr 29 14:43:23 mmodoc4947.internal.test ErrorMsg[atu]: unknown
May 13 21:45:57 olorem2760.www5.test quunt: ntpd_initres ntpd exiting on signal 15
May 28 04:48:31 dol3346.www.lan scheduled_ftp_backups[olorese]: Scheduled backup to the ori failed - unknown.
June 11 11:51:06 ercit6496.api.local ugiatn: scheduled_scp_backups Scheduled backup to the midestl was successful - Backup file dictasun
June 25 18:53:40 ectiono2241.lan -:rcsysinit fsck from 1.1674
Jul 10 01:56:14 alorum4439.corp :captured_dns_uploader atDu
July 24 08:58:48 agnaaliq1829.mail.test :ntpd_initres ntpd exiting on signal 15
August 7 16:01:23 col3570.www.invalid tinvolup: sSMTP Sent mail for tsed (inv) uid=rroq username=rcit outbytes=2807
August 21 23:03:57 mipsamvo4282.api.home reetdo: init oreveri
September 5 06:06:31 Except6889.www.corp -:rc3 umetMal
Sep 19 13:09:05 umq1309.api.test uae: debug mve
October 3 20:11:40 ugit5828.www5.test rc[asnu]: executing hitec start
October 18 03:14:14 ntexplic4824.internal.localhost :ntpd_initres ntpd exiting on signal 15
November 1 10:16:48 archite1843.mail.home isqua: radiusd uta
November 15 17:19:22 derit5270.mail.local 10.105.52.140 rcsysinit: ntexpl
November 30 00:21:57 itanim4024.api.example 10.180.101.232 ntpdate: adjust time server 10.156.34.19 offset 98.036000 sec
sshd[saquaea]: Did not receive identification string from 10.222.251.114
January 29 06:09:59 doeiu3942.localdomain -:rc executing eporr start
February 12 13:12:33 tia7019.www.invalid :diskcheck quis
February 26 20:15:08 dolo1720.api.example 10.250.162.122 logger: com
March 12 03:17:42 ratio1111.localdomain -:diskcheck atio
March 26 10:20:16 tconsec5932.mail.domain shutdown[uam]: shutting down for system reboot
April 9 17:22:51 llu4762.mail.localdomain snmptrapd[scivel]: NET-SNMP version 1.5695 aperi
April 24 00:25:25 estqui6557.www.localhost -:syslog-ng equuntu
May 08 07:27:59 mcolabor1656.www5.corp netauto_discovery[giatq]: quid:fug(uatDuis)10.68.114.91/veri: SNMP Credentials: Failed to authenticate
May 22 14:30:33 exercit4665.internal.domain -:scheduled_ftp_backups Scheduled backup to the eetd was successful - Backup file eip
June 5 21:33:08 iutal13.api.localdomain python[eacomm]: Utenimad: nibusBon.ehend [ueipsaqu]: Populated uidolore niamqu222.localdomain DnsView=tevelit
June 20 04:35:42 boree6686.www5.host ntpd[iinea]: ipit
July 4 11:38:16 itlabori2344.mail.invalid -:openvpn-member OpenVPN 1.4105 [icmp] [aper] essequ
July 18 18:40:50 tessec3539.home nsect: rc6 ntutl
August 2 01:43:25 siuta2896.www.localhost -:ntpd ntpd exiting on signal 2946
August 16 08:45:59 strude910.internal.local pidof[ittenbyC]: can't read sid from aperi
August 30 15:48:33 lores1409.www.home :sSMTP etc
September 13 22:51:07 nimadmin1493.www5.example rc3[lpa]: entsu
September 28 05:53:42 mqui4683.www.localhost tasuntex: kernel sunt
October 12 12:56:16 incidi2966.www.test controld[olupt]: Distribution Complete
October 26 19:58:50 ugiatnu5252.internal.localdomain -:syslog erc
November 10 03:01:24 aperia4409.www5.invalid :controld Distribution Started
November 24 10:03:59 emagnama4259.example 10.206.136.206 dhcpd: Average suntinc dynamic DNS update latency: success micro seconds
December 8 17:06:33 isno2228.home nnu: smart_check_io dolo
December 23 00:09:07 amvolup7700.www5.corp 10.19.194.101 rsyncd: rsync on orinrepr from conse2991.internal.lan (10.116.104.101)
January 6 07:11:41 tat7551.internal.local rc6[itinvo]: mdolore
January 20 14:14:16 siarchi2289.mail.lan debug_mount[olupta]: mount mipsumd
February 3 21:16:50 remi2114.local ionevo: ntpd ntpd exiting on signal 3219
February 18 04:19:24 dolor2707.api.localhost httpd[commod]: 2017-2-18 4:19:24.adol [doloremi]: Login_Denied - - to=luptasn ip=10.153.111.103 info=itquiin
March 4 11:21:59 que651.www5.host init[etconse]: tincu
Mar 18 18:24:33 asun1250.api.localdomain DIS[oluptate]: onseq:serunt: Deviceaquaeabi/10.171.157.74login failurefailure
April 2 01:27:07 ento4488.www5.localhost :rc6 eriamea
April 16 08:29:41 pisciv7108.lan 10.140.136.44 named: client 10.31.14.36#2285/key dhcp_updater_default: signer "vitaedi" approved
April 30 15:32:16 veniamq1608.www.localdomain colab: diskcheck ommodico
May 14 22:34:50 tin183.api.corp netauto_discovery[sperna]: eabilloi:estia(tper)10.163.5.243/osqui: SNMP Credentials: Failed to authenticate
May 29 05:37:24 fdeFi1123.api.domain INFOBLOX-Grid[etdol]: Started distribution on member with IP address 10.177.36.38
June 12 12:39:58 aevit37.www5.test ati: kernel Linux version 1.6668 (gel) (lorsitam) mpo
June 26 19:42:33 aliquam1364.api.corp -:syslog eratv
July 11 02:45:07 uir1374.mail.domain -:smart_check_io quiratio
July 25 09:47:41 nse2256.www.localdomain equat: db_jnld Resolved conflict for replicated delete of TXT "derit" in zone "dexea"
August 8 16:50:15 lapar1024.www5.local intocc: sSMTP Unable to locate liqu2936.api.localdomain.
August 22 23:52:50 tDuisaut3296.www.invalid scheduled_ftp_backups[imvenia]: Scheduled backup to the spi was successful - Backup file stquido
September 6 06:55:24 upta3300.www.home 10.233.48.103 diskcheck: leumiur
September 20 13:57:58 vita2681.www5.local tobea: controld Distribution Complete
October 4 21:00:32 ersp3536.www5.lan 10.93.90.240 rsyncd: sent 1792 bytes received 7387 bytes total size tes
Oct 19 04:03:07 tnulapa7592.www.local DIS[eriti]: litessec: itas: Attempting discover-now for 10.251.106.205 on mporin, using session ID
November 2 11:05:41 roid6604.www.test -:syslog Nemoenim
November 16 18:08:15 nihil657.domain validate_dhcpd[rsitv]: iciade
December 1 01:10:49 ven660.api.lan amnih: watchdog cancel, pid = 3981
December 15 08:13:24 atatn7364.internal.localdomain debug_mount[ofdeFin]: mount essequam
December 29 15:15:58 umqu301.internal.home init[inesci]: isnisi
January 12 22:18:32 riamea1540.www.host -:ntpd_initres ntpd exiting on signal 15
January 27 05:21:06 siut5663.local piscinge: rcsysinit fsck from 1.271
February 10 12:23:41 cinge7339.api.corp -:diskcheck vitaedi
February 24 19:26:15 dolore7072.www5.localhost ect: logger modocons
March 11 02:28:49 odoconse228.mail.localdomain -:syslog-ng veli
March 25 09:31:24 labo267.internal.localhost httpd[etdo]: 2018-3-25 9:31:24.par [lorin]: Login_Denied - - to=pitl ip=10.204.128.215 info=ama
Apr 8 16:33:58 roidents6540.internal.corp -:debug tametcon
April 22 23:36:32 miurerep1152.internal.domain pidof[utlab]: can't read sid from emUteni
May 07 06:39:06 inimve2352.lan :captured_dns_uploader mco
May 21 13:41:41 amcorp1275.www5.host netauto_core[liqua]: netautoctl:olo
Jun 04 20:44:15 fdeF593.internal.lan DIS[niamq]: lapariat: remagn: Attempting discover-now for 10.238.140.186 on tiaec, using session ID
June 19 03:46:49 upt4986.mail.corp ntpdate[idunt]: luptat
July 3 10:49:23 lillum7809.mail.local taedicta: logger ritt
July 17 17:51:58 tetur2694.mail.local ipi: openvpn-member OpenVPN 1.7727 [ipv6-icmp] [uaeab] itinv
August 1 00:54:32 utaliqu6138.mail.localhost nvolupt: pidof can't read sid from oremi
August 15 07:57:06 atcupi2332.mail.localdomain -:INFOBLOX-Grid Upgrade to ore
August 29 14:59:40 luptatem6874.mail.test purge_scheduled_tasks[dat]: Scheduled tasks have been purged
September 12 22:02:15 tame4953.mail.localhost prehen: restarting ntutlabo
September 27 05:04:49 sequa1715.www5.domain sshd[eirure]: Accepted password for root from 10.210.113.252 port 4184 udp
October 11 12:07:23 tconsec5315.internal.example :kernel Linux version 1.341 (fugi) (labo) nostrud
October 25 19:09:57 cupi1867.www5.test :rcsysinit orroq
November 9 02:12:32 rcit2043.api.home 10.107.45.175 smart_check_io: ssecil
November 23 09:15:06 mes4801.internal.test 10.243.121.97 python: cancel: FQDN='illu4875.api.host', View='tatevel'
December 7 16:17:40 its7867.internal.invalid 10.44.115.94 debug_mount: mount isn
Dec 21 23:20:14 equ4808.www.localhost DIS[siuta]: urmagn:dquia: Devicetemporin/10.46.166.75login failuresuccess
Jan 05 06:22:49 idi7668.www5.test rum: captured_dns_uploader eataevi
January 19 13:25:23 iqu4614.www5.example 10.60.211.199 init: modocon
February 2 20:27:57 agnaaliq1829.mail.test :ntpd_initres ntpd exiting on signal 15
February 17 03:30:32 col3570.www.invalid tinvolup: sSMTP Sent mail for tsed (inv) uid=rroq username=rcit outbytes=2807
March 3 10:33:06 mipsamvo4282.api.home reetdo: init oreveri
March 17 17:35:40 Except6889.www.corp -:rc3 umetMal
Apr 1 00:38:14 umq1309.api.test uae: debug mve
April 15 07:40:49 tatem4180.www.home 10.102.166.19 python: deny: FQDN='eritatis6343.api.local', View='mquisn'
April 29 14:43:23 quir7168.api.localdomain labore: syslog uela
May 13 21:45:57 iuntNequ7202.api.domain -:controld Distribution Complete
May 28 04:48:31 veniamq1236.invalid emo: radiusd itq
June 11 11:51:06 nderiti409.api.domain -:syslog Cic
June 25 18:53:40 tatem6156.www.local :dhcpd received shutdown -/-/ success
July 10 01:56:14 uamnihil6127.api.domain 10.29.119.245 python: accept: 'olli3116.internal.example' in view 'rsp'.
Jul 24 08:58:48 roquisqu1205.api.domain netauto_core[nim]: utaliqu: Attempting CLI on devicersiwith interface not in table, ip10.118.155.14
August 7 16:01:23 suntex5169.www.example phonehome[esci]: uov
August 21 23:03:57 fici5161.www5.example olup: debug_mount mount aco
September 5 06:06:31 orsi7617.www5.corp lorsita: shutdown shutting down for system reboot
September 19 13:09:05 osamnis4912.mail.host npr: radiusd etconsec
Oct 03 20:11:40 urExcept6809.www5.corp captured_dns_uploader[atcupida]: tessequa
Oct 18 03:14:14 icab3519.localdomain dhcpdv6[plicaboN]: Encapsulated Renew message from 2001:db8::b1f51444:f88dd359 port 2496 from client DUID acommo, transaction ID isi
November 1 10:16:48 abor4353.www5.host ame: python tesseq
November 15 17:19:22 olorem290.api.lan sshd[culpaqui]: deny: logout() unknown
November 30 00:21:57 ventore3612.www.home purge_scheduled_tasks[emp]: Scheduled tasks have been purged
Dec 14 07:24:31 uptatem4483.localhost tacacs_acct[inrepr]: mol: Server 10.111.52.69 port 6073: asperna
Loading

0 comments on commit 0dc3fc6

Please sign in to comment.