Skip to content

Commit

Permalink
Merge pull request #1936 from ddpbsd/1927
Browse files Browse the repository at this point in the history 
Fix for change in named query log format
  • Loading branch information
@atomicturtle
atomicturtle authored Jun 1, 2021
2 parents 76ac7f0 + 7375fe4 commit 184e55e
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions etc/decoder.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1007,8 +1007,8 @@ Jan 8 19:32:41 tp.lan dropbear[15165]: Pubkey auth succeeded for 'root' with ke

<decoder name="named-query">
<parent>named</parent>
<prematch_pcre2>: query </prematch_pcre2>
<pcre2>client (\S+)#\d+[ ]*?\S*: </pcre2>
<prematch_pcre2>: query:? </prematch_pcre2>
<pcre2>client @\S+ (\S+)#\d+[ ]*?\S*: </pcre2>
<order>srcip,url</order>
</decoder>

Expand Down

0 comments on commit 184e55e

Please sign in to comment.