We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The ASA 304001 log event can produce log lines similar to both of the following:
Apr 27 04:18:49 some-random-vpn-fw-01 : %ASA-5-304001: 10.20.30.40 Accessed URL 10.20.30.40:http://10.20.30.40/ Apr 27 17:54:52 some-random-fw-01 : %ASA-5-304001: 10.20.30.40 Accessed JAVA URL 10.20.30.40:http://10.20.30.40/?class.classLoader.URLs[0]=struts_2_3_16_1_classloader_manipulation-1588024492
Currently the dissect processor used for this log type only account fro the first log line above.
beats/x-pack/filebeat/module/cisco/shared/ingest/asa-ftd-pipeline.yml
Line 246 in 4b69bf2
The text was updated successfully, but these errors were encountered:
Successfully merging a pull request may close this issue.
The ASA 304001 log event can produce log lines similar to both of the following:
Currently the dissect processor used for this log type only account fro the first log line above.
beats/x-pack/filebeat/module/cisco/shared/ingest/asa-ftd-pipeline.yml
Line 246 in 4b69bf2
The text was updated successfully, but these errors were encountered: