Skip to content

ramon-garcia/filebeat-plugin-nftables-log

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
config.go
config.go
 
 
main.go
main.go
 
 
nftables_log.go
nftables_log.go
 
 
nftables_log_test.go
nftables_log_test.go
 
 

Repository files navigation

Processor

Beats processor for parsing Linux nftables log messages

Building

Type make That should build a shared library like filebeat-plugin-nftables-log-linux-amd64.so under Linux, or filebeat-plugin-nftables-log.dll under Windows

Running

Run filebeat --plugin <path to sharedlibrary>

Configuration

This processor supports three settings:

  • "field": the name of the field where the nftables log is stored. By default, the value is "message"
  • "marker": text before the firewall log. This is the "prefix" configured in nftables log statement.
  • "target": the name of the field where the fields found are stored. By default, they are stored in the root (the value is "").
  • "overwrite_keys": if "target" is defined, whether to overwrite it, when it already exists

About

Beats processor for parsing Linux nftables log messages

Resources

Readme

License

LGPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages