-
Notifications
You must be signed in to change notification settings - Fork 21
/
Copy pathhttpd.json
85 lines (85 loc) · 3.52 KB
/
httpd.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
{
"https_access_log" : {
"title" : "access log format for HTTPS",
"description" : "Log format used by Apache HTTPD for HTTPS connections",
"url" : "http://httpd.apache.org",
"regex" : {
"default" : {
"pattern" : "^\\[(?<timestamp>\\d{2}/\\w{3}/\\d{4}:\\d{2}:\\d{2}:\\d{2}(?:\\.\\d+)?(?: [+-]\\d{4}))?\\] (?<client>[\\w\\d:.-]+) (?<wrapper>[\\w/.-]+) (?<crypto>[\\w-]+) \"(?<method>\\w+) (?<path>\\S+) (?<transport>\\S+)\" (?<resp_size>\\d+|-)$"
}
},
"value" : {
"client" : { "kind" : "string", "identifier" : true },
"wrapper" : { "kind" : "string", "identifier" : true },
"crypto" : { "kind" : "string", "identifier" : true },
"method" : { "kind" : "string", "identifier" : true },
"path" : { "kind" : "string", "identifier" : true },
"transport" : { "kind" : "string", "identifier" : true },
"resp_size" : { "kind" : "integer", "identifier" : true },
"body" : { "kind" : "string" }
},
"sample" : [
{
"line" : "[07/Aug/2015:07:56:43 -0400] 172.25.34.7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 \"GET /rhn/systems/Overview.do HTTP/1.1\" 73851"
},
{
"line" : "[02/Feb/2016:16:41:14 +0000] 10.24.137.73 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 \"GET /XMLRPC/GET-REQ/prod-rhel-x86_64-server-6-rhscl-1/repodata/repomd.xml HTTP/1.1\" -"
}
]
},
"error_log" : {
"title" : "error log format for HTTPD",
"description" : "Log format used by Apache HTTPD for HTTPS connections",
"url" : "http://httpd.apache.org",
"regex" : {
"default" : {
"pattern" : "^\\[(?<timestamp>\\w{3} \\w{3} \\d{2} \\d{2}:\\d{2}:\\d{2}(?:\\.\\d+)? \\d{4})\\] \\[(?<level>\\w+)\\] (?:(?<function>[\\w/.-]+): )?(?:\\[client (?<client>[\\w.:-]+)\\] )?(?:\\((?<errnum>\\d+)\\))?(?<body>.*)$"
}
},
"timestamp-format" : [
"%a %b %d %H:%M:%S %Y"
],
"value" : {
"level" : { "kind" : "string", "identifier" : true },
"function" : { "kind" : "string", "identifier" : true },
"error" : { "kind" : "string", "identifier" : true },
"client" : { "kind" : "string", "identifier" : true },
"body" : { "kind" : "string" }
},
"sample" : [
{
"line" : "[Tue Feb 02 16:13:00 2016] [error] ajp_read_header: ajp_ilink_receive failed"
},
{
"line" : "[Tue Feb 02 16:13:00 2016] [error] (70007)The timeout specified has expired: proxy: read response failed from 127.0.0.1:8009 (localhost)"
},
{
"line" : "[Tue Feb 02 16:42:29 2016] [warn] [client 10.20.30.100] incomplete redirection target of '/rhn/Login.do' for URI '/index.html' modified to 'http://example.com/'"
}
]
},
"httpd_ssl_request_log" : {
"title" : "request log format for HTTPD",
"description" : " Log format used by Apache HTTPD for SSL requests",
"url" : "http://httpd.apache.org",
"regex" : {
"default" : {
"pattern" : "^\\[(?<timestamp>\\d{2}/\\w{3}/\\d{4}:\\d{2}:\\d{2}:\\d{2}(?:\\.\\d+)?(?: [+-]\\d{4}))?\\] (?<src_addr>[0-9a-f][0-9a-f.:]+[0-9a-f]) (?<transport>\\w+) (?<hash>[A-Za-z0-9_-]+) \"(?<method>\\w+) (?<uri>/\\S+) HTTP/(?<proto_vers>\\d\\.\\d)\" (?<size>\\d+)$"
}
},
"value" : {
"src_addr" : { "kind" : "string", "identifier" : true },
"transpoort" : { "kind" : "string", "identifier" : true },
"hash" : { "kind" : "string", "identifier" : true },
"method" : { "kind" : "string", "identifier" : true },
"uri" : { "kind" : "string", "identifier" : true },
"version" : { "kind" : "float"},
"size" : { "kind" : "integer"}
},
"sample" : [
{
"line" : "[17/Jul/2016:04:06:30 -0400] 199.52.200.205 TLSv1 AES256-SHA \"POST /XMLRPC HTTP/1.1\" 163"
}
]
}
}