18 lines
510 B
Django/Jinja
18 lines
510 B
Django/Jinja
[PARSER]
|
|
Name caddy_json
|
|
Format json
|
|
Time_Key ts
|
|
Time_Format %s.%L
|
|
|
|
# Generic JSON parser for nested message fields
|
|
[PARSER]
|
|
Name json
|
|
Format json
|
|
|
|
# Parse ZOMBOID_CONN firewall logs to extract source IP
|
|
# Example: ZOMBOID_CONN: IN=enp0s31f6 OUT= MAC=... SRC=45.5.113.90 DST=192.168.1.10 ...
|
|
[PARSER]
|
|
Name zomboid_firewall
|
|
Format regex
|
|
Regex ZOMBOID_CONN:.*SRC=(?<src_ip>[0-9.]+).*DST=(?<dst_ip>[0-9.]+).*DPT=(?<dst_port>[0-9]+)
|