Displaying 20 results from an estimated 1000 matches similar to: "Parse dovecot 2.2 logs with logstash"
2019 Mar 08
1
syslog / logstah problem with timestamp
Hallo,
I try to send my centos 7 logfiles to an logstsah server.
Can anyone give me an hint how to fix this problem?
Thanks
Ralf
> {"index"=>{"_index"=>"%{[@metadata][comline]}-%{[@metadata][version]}",
> "_type"=>"doc", "_id"=>"U1XLXGkBpfl5FoHeY4J8", "status"=>400,
>
2015 Dec 02
0
Logstash pattern (GROK, KV, ...) to parse dovecot logs anyone?
Hello dovecot-users,
I am currently playing with Elastics ELK stack and was kind of surprised to NOT
yet find a good set of GROK or KV pattern to parse dovecots lush and information
rich logs.
The last post regarding this endeavor was in 2014
(http://www.dovecot.org/list/dovecot/2014-June/096589.html), which "only"
extracts the key->value pairs but not other parts of the log lines.
2014 May 31
0
Disamiguate Profiles::Logstash and Logstash
I am using the puppet logstash module from Forge installed at
/etc/puppet/modules/logstash
I am trying to setup my profile class as profiles::logstash. My manifest is
at /etc/puppet/modules/profiles/manifests/logstash.pp
In my /etc/puppet/modules/profiles/manifests/logstash directory I have:
install.pp
config.pp
service.pp
In my install.pp:
class profiles::logstash::install() {
$ensure =
2016 Mar 06
2
logrotate script error
Hey guys,
I'm trying to rotate a logstash log that can grow pretty large. 3.4GB last
I saw!
And that's because the logrotate script I came up with didn't work.
The error I get on a syntax check is this:
#logrotate -f logstash
size: '100M': No such file
size: '100M': No such file
size: '100M': No such file
size: '100M': No such file
size:
2014 Aug 27
2
Insert custom header in Mail logger plugin
Is it possible to log a message custom header through Mail logger plugin or
other method? It seems that there are a fixed number of info that is
configurable via mail_log_fields (http://wiki2.dovecot.org/Plugins/MailLog).
..
My custom header is X-VERTICAL-IP-Quarantine-ID and I want a log event like
this one:
Aug 27 09:48:13 imap dovecot: imap(user at domain): copy from INBOX: box=SPAM,
uid=213,
2020 Jul 10
5
CentOS 7 rsyslog and ELK
I asked a similar question about a year ago and didn't get any answers.
So I thought I'd try again.
What do people do to get their syslog messages on CentOS 7 into a
remote ELK stack. I've tried lots of things involving rsyslog,
filebeat, redis, logstash and so on in lots of different configurations
but nothing really works.
I can get rsyslog to talk directly to logstash (acting as
2014 Nov 22
1
Prevent a message from be deleted but not from be moved
How can I do it Tom???
Em 21/11/2014 13:25, "Tom Hendrikx" <tom at whyscream.net> escreveu:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 21-11-14 14:00, Bruno Galindro da Costa wrote:
> > Is it possible to prevent a message from be deleted but not from be
> > moved to another mailbox via ACL?
> >
> > I need this because I'm
2014 Nov 21
2
Prevent a message from be deleted but not from be moved
Is it possible to prevent a message from be deleted but not from be moved
to another mailbox via ACL?
I need this because I'm using antispam plugin with the mailtrain backend.
It calls a script every time a message is moved to/from a monitored spam
mailbox. But, if the user deletes a message from the spam folder, the
script is executed with the option to train the antispam to consider that
2013 Dec 05
1
Syslog debug messages
Is there a way to configure dovecot to register in syslog the debug
messages enabled by mail_debug=yes as a debug not as information?
I need this because I want to send this kind of information only to a
remote server. I've configured rsyslog to do this, but dovecot is
registering those debug messages as information not as debug (as I
expected).
This is my rsyslog config:
mail.info;\
2014 Jun 05
4
doveadm index - Bug or expected behaviour?
My ldap config is using the variable %d in base search for domain
replacement when dovecot will search for users in LDAP. Its works fine for
dovecot operation.
But, for doveadm index, not. It ignores that variable and tries to pass a
base search without domain. So, the search will not working.
This is the command:
# doveadm -v index -A INBOX
This is my config:
# cat
2013 Nov 26
37
get a *structured* version of the puppet agent output
puppet agent --verbose shows a verbose output of the changes done by
puppet, such as:
notice:
/Stage[main]/Logstash::Config/Logstash::Configdir[agent]/File[/etc/logstash/agent/config]/owner:
owner changed ''root'' to ''logstash''
notice: /Stage[main]/Varnish/Service[varnish]/ensure: ensure changed
''stopped'' to ''running''
2012 Oct 10
1
PuppetConf Videos Are Available Now
I wanted to let everyone know that the videos from PuppetConf are
available at http://puppetlabs.com/community/videos/puppetconf/
Here are a few of my personal favorites:
CERN: http://youtu.be/-Ykb2j2ojYU
Discovering and creating great Puppet Modules:
http://youtu.be/aWqktlD62ks (talk actually starts at 4:45 min into
video)
State of the Community http://youtu.be/0_u_5RkVymE (I''m
2020 Jul 10
1
CentOS 7 rsyslog and ELK
On Fri, 2020-07-10 at 16:44 -0400, Jason Edgecombe wrote:
> I don't use ELK at the moment, but is this helpful?
>
> % journalctl -f --output=json
>
> The above command prints the continuous output of the systemd journal in
> json format.
>
Thanks. The problem is getting that into logstash. But it's actually
quite useful anyway as it's another method of
2016 Mar 06
0
Re: logrotate script error
On Sun, 6 Mar 2016 04:34, Tim Dunphy <bluethundr at ...> wrote:
> Hey guys,
>
> I'm trying to rotate a logstash log that can grow pretty large. 3.4GB last
> I saw!
>
> And that's because the logrotate script I came up with didn't work.
>
> The error I get on a syntax check is this:
>
> #logrotate -f logstash
> size: '100M': No such file
2014 Feb 20
2
Icecast statistics dashboard with Piwik
Hi Thomas,
> What's really nice is, that it understands the Icecast log format
> extension where we record the duration of the connection in seconds.
I can't take credit for that, the work was done by Alejandro:
https://github.com/piwik/piwik/pull/65
Cheers!
Daniel
2020 Jul 10
0
CentOS 7 rsyslog and ELK
On Fri, 10 Jul 2020 at 16:33, Pete Biggs <pete at biggs.org.uk> wrote:
>
> I asked a similar question about a year ago and didn't get any answers.
> So I thought I'd try again.
>
Honestly, as much as I have heard of people using Elastic Kibana..
they are usually using it for things already in JSON. WHen I looked in
the past I either found someone wanting me to set up a
2013 Jun 08
1
Multicast panic caused by elasticsearch
Hi,
I was experimenting with Logstash + elasticsearch on FreeBSD 9 - initially I downloaded it by hand (I forgot to check for a port) and it worked fine.
I then tried the port and this forced me to use a different java version (was jdk-16.0.3p4_25 now openjdk6-b27) and it seems that the new one causes a panic.
Unfortunately crashdumps aren't working properly, however I did get the panic
2013 Jan 11
1
problems with package 'segmented'
Dear R-users,
I am trying to understand how the 'segmented'-package works to determine
breakpoints and slopes of regression lines in broken-line regression models.
However, I am not able to repeat the example on the "plant"-dataset,
which was reported in the accompanying paper of the package. (V.M.R
Muggeo, "Segmented: an R package to fit regression models with
2007 Dec 06
2
Segmented regression
Hello all,
I have 3 time series (tt) that I've fitted segmented regression models
to, with 3 breakpoints that are common to all, using code below
(requires segmented package). However I wish to specifiy a zero
coefficient, a priori, for the last segment of the KW series (green)
only. Is this possible to do with segmented? If not, could someone point
in a direction?
The final goal is to
2013 Nov 06
3
syslog-ng or rsyslog?
Hi All.
I've used syslog-ng for some time. I like it. I have a project in which I
need to choose a central logging solution. What are your experiences with
rsyslog? Is it more complex to setup than syslog-ng? Or maybe does it have
some additional features?
I am also thinking about using some gui tools for log parsing and graphing.
May be proprietary/paid. Any suggestions?
Best regards,