crowdsec/pkg/parser/tests/base-grok/base-grok.yaml

filter: "evt.Line.Labels.type == 'testlog'"
debug: true
onsuccess: next_stage
name: tests/base-grok
pattern_syntax:
  MYCAP1: ".*"
nodes:
  - grok:
      pattern: ^xxheader %{MYCAP1:extracted_value} trailing stuff$
      apply_on: Line.Raw
statics:
  - meta: log_type
    value: parsed_testlog
initial import 2020-05-15 09:39:16 +00:00			`filter: "evt.Line.Labels.type == 'testlog'"`
			`debug: true`
			`onsuccess: next_stage`
			`name: tests/base-grok`
			`pattern_syntax:`
unique pattern names 2020-05-24 10:44:33 +00:00			`MYCAP1: ".*"`
initial import 2020-05-15 09:39:16 +00:00			`nodes:`
			`- grok:`
unique pattern names 2020-05-24 10:44:33 +00:00			`pattern: ^xxheader %{MYCAP1:extracted_value} trailing stuff$`
initial import 2020-05-15 09:39:16 +00:00			`apply_on: Line.Raw`
			`statics:`
			`- meta: log_type`
			`value: parsed_testlog`