{
"severity_label" => "Emergency",
"message" => "<5>time=2020-07-13 12:46:49 log_type=ips danger_degree=2 breaking_sighn=0 event=[50575]向日葵远程控制软件连接服务器 src_addr=10.20.7.96 src_port=58370 dst_addr=47.98.191.194 dst_port=443 user=null smt_user=null proto=SSL ",
"@version" => "1",
"type" => "syslog",
"tags" => [
[0] "_grokparsefailure_sysloginput",
[1] "_grokparsefailure"
],
"host" => "10.0.1.8",
"priority" => 0,
"facility" => 0,
"facility_label" => "kernel",
"severity" => 0,
"@timestamp" => 2020-07-13T06:14:02.290Z
}
"severity_label" => "Emergency",
"message" => "<5>time=2020-07-13 12:46:49 log_type=ips danger_degree=2 breaking_sighn=0 event=[50575]向日葵远程控制软件连接服务器 src_addr=10.20.7.96 src_port=58370 dst_addr=47.98.191.194 dst_port=443 user=null smt_user=null proto=SSL ",
"@version" => "1",
"type" => "syslog",
"tags" => [
[0] "_grokparsefailure_sysloginput",
[1] "_grokparsefailure"
],
"host" => "10.0.1.8",
"priority" => 0,
"facility" => 0,
"facility_label" => "kernel",
"severity" => 0,
"@timestamp" => 2020-07-13T06:14:02.290Z
}