similar to: Logstash pattern (GROK, KV, ...) to parse dovecot logs anyone?

Guys, I need to parse my dovecot log files with logstash grok patterns. Is there any document specifying the patterns used by dovecot to write it's logs? I need to find all the log possibilities that could be writed to log files by dovecot. So, if a document like that exists or if anyone could answer my question, I'll could make the parser with less difficult. -- Att. Bruno

I am using the puppet logstash module from Forge installed at /etc/puppet/modules/logstash I am trying to setup my profile class as profiles::logstash. My manifest is at /etc/puppet/modules/profiles/manifests/logstash.pp In my /etc/puppet/modules/profiles/manifests/logstash directory I have: install.pp config.pp service.pp In my install.pp: class profiles::logstash::install() { $ensure =

On Fri, 10 Jul 2020 at 16:33, Pete Biggs <pete at biggs.org.uk> wrote: > > I asked a similar question about a year ago and didn't get any answers. > So I thought I'd try again. > Honestly, as much as I have heard of people using Elastic Kibana.. they are usually using it for things already in JSON. WHen I looked in the past I either found someone wanting me to set up a

On Sun, 6 Mar 2016 04:34, Tim Dunphy <bluethundr at ...> wrote: > Hey guys, > > I'm trying to rotate a logstash log that can grow pretty large. 3.4GB last > I saw! > > And that's because the logrotate script I came up with didn't work. > > The error I get on a syntax check is this: > > #logrotate -f logstash > size: '100M': No such file

TL;DR: Is there a sensible way to get rsyslog to talk to redis on CentOS 7. The official way is to use the omhiredis plugin, but that doesn't seem to exist in the CentOS 7 repositories? (It's how I do it on my Fedora box.) The long version: I'm trying to rationalise logging and am using an ELK stack. When I've done this in the past it has suffered badly from congestion at peak

Hey guys, I'm trying to rotate a logstash log that can grow pretty large. 3.4GB last I saw! And that's because the logrotate script I came up with didn't work. The error I get on a syntax check is this: #logrotate -f logstash size: '100M': No such file size: '100M': No such file size: '100M': No such file size: '100M': No such file size:

I asked a similar question about a year ago and didn't get any answers. So I thought I'd try again. What do people do to get their syslog messages on CentOS 7 into a remote ELK stack. I've tried lots of things involving rsyslog, filebeat, redis, logstash and so on in lots of different configurations but nothing really works. I can get rsyslog to talk directly to logstash (acting as

I don't use ELK at the moment, but is this helpful? % journalctl -f --output=json The above command prints the continuous output of the systemd journal in json format. Jason --------------------------------------------------------------------------- Jason Edgecombe | Linux Administrator UNC Charlotte | Office of OneIT 9201 University City Blvd. | Charlotte, NC 28223-0001 Phone:

Hallo, I try to send my centos 7 logfiles to an logstsah server. Can anyone give me an hint how to fix this problem? Thanks Ralf > {"index"=>{"_index"=>"%{[@metadata][comline]}-%{[@metadata][version]}", > "_type"=>"doc", "_id"=>"U1XLXGkBpfl5FoHeY4J8", "status"=>400, >

Hi All, here a few examples about how look ELK (ElasticSearch + Logstash + Kibana) stack with Icecast logs parsed. Last 7 days: http://bit.ly/1CHlhiS Last 30 days: http://bit.ly/1DgM5c2 If any be interested in try here is the Logstash config for parse the logs: http://bit.ly/1IbvYxI Some interesting filters that we use here, is remove any session lower of 60 seg, filter bots, monitoring

On Fri, 2020-07-10 at 16:44 -0400, Jason Edgecombe wrote: > I don't use ELK at the moment, but is this helpful? > > % journalctl -f --output=json > > The above command prints the continuous output of the systemd journal in > json format. > Thanks. The problem is getting that into logstash. But it's actually quite useful anyway as it's another method of

Hi, After upgrading from dovecot 1.1 to dovecot 1.2.2 and the new sieve implementation (0.1.9), I'm having some strange problems. I'm including some general purpose scripts into my user script from sieve_global_dir. After some tests it seems that ths scripts get executed at random: sometimes the mail gets stored in the correct dir, and sometimes it goes to inbox. This also happens while

http://www.loreal.free-mascara.com L''OREAL Volume Shocking Mascara is a 2-in-1 mascara with a base coat at one end of the mascara wand and a top coat at the other. Bring on super-lush, luminous lashes in just 2 easy steps! -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google

HI, Do you have selinux activated? Maybe the context for logrotate does not allow accessing files under /home, and the root cli is not troubled by such a limitation? Why are you storing log files under /home anyway? Note: I don't use any OS with selinux, so can't really help with fixing this an issue. Regards, Tom On 17-11-17 22:42, SH Development wrote: > So, the question is, why

So, the question is, why can I rotate the log manually, but cron returns a permission error? Do I need to tell cron to run it as sudo or something like that? Ethon > On Nov 17, 2017, at 2:29 AM, Tom Hendrikx <tom at whyscream.net <mailto:tom at whyscream.net>> wrote: > > Hi, > > > Your crontab should normally mail you error output. But you can also run > the

I wanted to let everyone know that the videos from PuppetConf are available at http://puppetlabs.com/community/videos/puppetconf/ Here are a few of my personal favorites: CERN: http://youtu.be/-Ykb2j2ojYU Discovering and creating great Puppet Modules: http://youtu.be/aWqktlD62ks (talk actually starts at 4:45 min into video) State of the Community http://youtu.be/0_u_5RkVymE (I''m

How can I do it Tom??? Em 21/11/2014 13:25, "Tom Hendrikx" <tom at whyscream.net> escreveu: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 21-11-14 14:00, Bruno Galindro da Costa wrote: > > Is it possible to prevent a message from be deleted but not from be > > moved to another mailbox via ACL? > > > > I need this because I'm

I hope this message finds you well and thriving in your endeavors. As a fellow Vietnamese student currently pursuing education in the United States, I can't help but feel a sense of pride and excitement about the prospect of inviting you to experience the beauty and charm of my homeland, Vietnam. Vietnam is a land of captivating landscapes, rich history, and warm hospitality. From the

Hey dovecot-users, did I miss anything anywhere about the configuration variables "nfs_storage" and "mail_nfs_index" being removed from the example configuration in 2.2? In 2.1 they where both in 10-mail.conf commented out and set to their default "no". But with 2.2 they are not in any of the exmaple config files anymore. doveadm is still showing the variables and

Hey dovecot-users! doveadm import offers to use i.e. a maildir as source and then import into a users mailbox referenced via "-u" option. If one wants to import only certain emails from the source a search-query can be given as well. I was wondering if doveadm search also does offer to search a mailbox referenced by filesystem path i.e. doveadm search