similar to: Parse dovecot 2.2 logs with logstash

Hallo, I try to send my centos 7 logfiles to an logstsah server. Can anyone give me an hint how to fix this problem? Thanks Ralf > {"index"=>{"_index"=>"%{[@metadata][comline]}-%{[@metadata][version]}", > "_type"=>"doc", "_id"=>"U1XLXGkBpfl5FoHeY4J8", "status"=>400, >

Hello dovecot-users, I am currently playing with Elastics ELK stack and was kind of surprised to NOT yet find a good set of GROK or KV pattern to parse dovecots lush and information rich logs. The last post regarding this endeavor was in 2014 (http://www.dovecot.org/list/dovecot/2014-June/096589.html), which "only" extracts the key->value pairs but not other parts of the log lines.

I am using the puppet logstash module from Forge installed at /etc/puppet/modules/logstash I am trying to setup my profile class as profiles::logstash. My manifest is at /etc/puppet/modules/profiles/manifests/logstash.pp In my /etc/puppet/modules/profiles/manifests/logstash directory I have: install.pp config.pp service.pp In my install.pp: class profiles::logstash::install() { $ensure =

Hey guys, I'm trying to rotate a logstash log that can grow pretty large. 3.4GB last I saw! And that's because the logrotate script I came up with didn't work. The error I get on a syntax check is this: #logrotate -f logstash size: '100M': No such file size: '100M': No such file size: '100M': No such file size: '100M': No such file size:

Is it possible to log a message custom header through Mail logger plugin or other method? It seems that there are a fixed number of info that is configurable via mail_log_fields (http://wiki2.dovecot.org/Plugins/MailLog). .. My custom header is X-VERTICAL-IP-Quarantine-ID and I want a log event like this one: Aug 27 09:48:13 imap dovecot: imap(user at domain): copy from INBOX: box=SPAM, uid=213,

I asked a similar question about a year ago and didn't get any answers. So I thought I'd try again. What do people do to get their syslog messages on CentOS 7 into a remote ELK stack. I've tried lots of things involving rsyslog, filebeat, redis, logstash and so on in lots of different configurations but nothing really works. I can get rsyslog to talk directly to logstash (acting as

How can I do it Tom??? Em 21/11/2014 13:25, "Tom Hendrikx" <tom at whyscream.net> escreveu: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 21-11-14 14:00, Bruno Galindro da Costa wrote: > > Is it possible to prevent a message from be deleted but not from be > > moved to another mailbox via ACL? > > > > I need this because I'm

Is it possible to prevent a message from be deleted but not from be moved to another mailbox via ACL? I need this because I'm using antispam plugin with the mailtrain backend. It calls a script every time a message is moved to/from a monitored spam mailbox. But, if the user deletes a message from the spam folder, the script is executed with the option to train the antispam to consider that

Is there a way to configure dovecot to register in syslog the debug messages enabled by mail_debug=yes as a debug not as information? I need this because I want to send this kind of information only to a remote server. I've configured rsyslog to do this, but dovecot is registering those debug messages as information not as debug (as I expected). This is my rsyslog config: mail.info;\

My ldap config is using the variable %d in base search for domain replacement when dovecot will search for users in LDAP. Its works fine for dovecot operation. But, for doveadm index, not. It ignores that variable and tries to pass a base search without domain. So, the search will not working. This is the command: # doveadm -v index -A INBOX This is my config: # cat

puppet agent --verbose shows a verbose output of the changes done by puppet, such as: notice: /Stage[main]/Logstash::Config/Logstash::Configdir[agent]/File[/etc/logstash/agent/config]/owner: owner changed ''root'' to ''logstash'' notice: /Stage[main]/Varnish/Service[varnish]/ensure: ensure changed ''stopped'' to ''running''

I wanted to let everyone know that the videos from PuppetConf are available at http://puppetlabs.com/community/videos/puppetconf/ Here are a few of my personal favorites: CERN: http://youtu.be/-Ykb2j2ojYU Discovering and creating great Puppet Modules: http://youtu.be/aWqktlD62ks (talk actually starts at 4:45 min into video) State of the Community http://youtu.be/0_u_5RkVymE (I''m

On Fri, 2020-07-10 at 16:44 -0400, Jason Edgecombe wrote: > I don't use ELK at the moment, but is this helpful? > > % journalctl -f --output=json > > The above command prints the continuous output of the systemd journal in > json format. > Thanks. The problem is getting that into logstash. But it's actually quite useful anyway as it's another method of

On Sun, 6 Mar 2016 04:34, Tim Dunphy <bluethundr at ...> wrote: > Hey guys, > > I'm trying to rotate a logstash log that can grow pretty large. 3.4GB last > I saw! > > And that's because the logrotate script I came up with didn't work. > > The error I get on a syntax check is this: > > #logrotate -f logstash > size: '100M': No such file

Hi Thomas, > What's really nice is, that it understands the Icecast log format > extension where we record the duration of the connection in seconds. I can't take credit for that, the work was done by Alejandro: https://github.com/piwik/piwik/pull/65 Cheers! Daniel

On Fri, 10 Jul 2020 at 16:33, Pete Biggs <pete at biggs.org.uk> wrote: > > I asked a similar question about a year ago and didn't get any answers. > So I thought I'd try again. > Honestly, as much as I have heard of people using Elastic Kibana.. they are usually using it for things already in JSON. WHen I looked in the past I either found someone wanting me to set up a

Hi, I was experimenting with Logstash + elasticsearch on FreeBSD 9 - initially I downloaded it by hand (I forgot to check for a port) and it worked fine. I then tried the port and this forced me to use a different java version (was jdk-16.0.3p4_25 now openjdk6-b27) and it seems that the new one causes a panic. Unfortunately crashdumps aren't working properly, however I did get the panic

Dear R-users, I am trying to understand how the 'segmented'-package works to determine breakpoints and slopes of regression lines in broken-line regression models. However, I am not able to repeat the example on the "plant"-dataset, which was reported in the accompanying paper of the package. (V.M.R Muggeo, "Segmented: an R package to fit regression models with

Hello all, I have 3 time series (tt) that I've fitted segmented regression models to, with 3 breakpoints that are common to all, using code below (requires segmented package). However I wish to specifiy a zero coefficient, a priori, for the last segment of the KW series (green) only. Is this possible to do with segmented? If not, could someone point in a direction? The final goal is to

Hi All. I've used syslog-ng for some time. I like it. I have a project in which I need to choose a central logging solution. What are your experiences with rsyslog? Is it more complex to setup than syslog-ng? Or maybe does it have some additional features? I am also thinking about using some gui tools for log parsing and graphing. May be proprietary/paid. Any suggestions? Best regards,