[stunnel-users] Grok log parsing

Manuele Trimarchi info at trimarchimanuele.it
Tue Jul 17 11:51:13 CEST 2018

I would ask if someone use Grok log parsing for stunnel and, if yes,
what kind of filter statement are you using?

At the moment I've just created 2 parser:


%{date("yyyy.MM.dd HH:mm:ss"):date}
LOG%{integer:loglevel}\[%{integer:session_id}\]\: Service
\[%{word:csb_name}\-%{word:csb_port}\] accepted connection from



%{date("yyyy.MM.dd HH:mm:ss"):date}
LOG%{integer:loglevel}\[%{integer:session_id}\]\: Connection closed\:
%{integer:byte_tx} byte\(s\) sent to SSL\, %{integer:byte_rx}
byte\(s\) sent to socket

I'm new with Grok and all the things related to log match-and-parse,
so I think that there will be a much better solution than mine, anyway
Google this time doesn't help unfortunately.

Thank you so much to all those who will help me with this stuff!


More information about the stunnel-users mailing list