beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
crowdsec/config/acquis.yaml
sabban 350e2081f2 add journalctl for ssh by default
2023-06-28 10:23:40 +02:00

23 lines
383 B
YAML
Raw Blame History

filenames:
- /var/log/nginx/*.log
- ./tests/nginx/nginx.log
#this is not a syslog log, indicate which kind of logs it is
labels:
type: nginx
---
filenames:
- /var/log/auth.log
- /var/log/syslog
labels:
type: syslog
---
source: journalctl
journalctl_filter:
- "_SYSTEMD_UNIT=ssh.service"
labels:
type: syslog
---
filename: /var/log/apache2/*.log
labels:
type: apache2
Reference in a new issue View git blame Copy permalink