Supports connection_host = dns. Resolves #3
my2ndhead committed Dec 9, 2015
1 parent d248280 commit 559b9d4
Showing 4 changed files with 5 additions and 5 deletions.
4 changes: 2 additions & 2 deletions README
@@ -2,7 +2,7 @@

Author: Mika Borner

Version/Date: 2.0.3 12/09/2015
Version/Date: 2.0.4 12/09/2015

Supported product(s):
pfSense 2.2.x
@@ -30,7 +30,7 @@
[udp://516]
index = network
sourcetype = pfsense

connection_host = dns

===Bugs===

2 changes: 1 addition & 1 deletion default/app.conf
@@ -6,7 +6,7 @@ state = enabled

[launcher]
author = my2ndhead
version = 2.0.3
version = 2.0.4
description = Technology Add-on for pfSense

[ui]
2 changes: 1 addition & 1 deletion default/props.conf
@@ -1,7 +1,7 @@
[pfsense]
TRANSFORMS-pfsense_sourcetyper = pfsense_sourcetyper
SHOULD_LINEMERGE = false
SEDCMD-event_cleaner = s/^\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\s+//g
SEDCMD-event_cleaner = s/^\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+\S+\.\S+\s+//g

[pfsense:filterlog]
EXTRACT-ipv4_tcp = filterlog:\s(?<rule>[^,])*,(?<sub_rule>[^,]*),(?<anchor>[^,]*),(?<tracker_id>[^,]*),(?<dest_int>[^,]*),(?<reason>[^,]*),(?<vendor_action>[^,]*),(?<vendor_direction>[^,]*),(?<ip_version>4),(?<tos>[^,]*),(?<ecn>[^,]*),(?<ttl>[^,]*),(?<id>[^,]*),(?<offset>[^,]*),(?<flags>[^,]*),(?<transport_id>[^,]*),(?<vendor_transport>tcp),(?<bytes>[^,]*),(?<src_ip>[^,]*),(?<dest_ip>[^,]*),(?<src_port>[^,]*),(?<dest_port>[^,]*),(?<payload_bytes>[^,]*),(?<vendor_tcp_flags>[^,]*),(?<sequence_number>[^,]*),(?<ack>[^,]*),(?<window>[^,]*),(?<urg>[^,]*),(?<options>[^$]*)$
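Review bot: `\S+\.\S+` in the second `SEDCMD-event_cleaner` line (read here as the new side) requires a dot in the host token, so a header carrying an unqualified hostname or an IPv6 address is left in the event, while any dotted first token after the timestamp is now removed where the old pattern only removed an IPv4 address. If the prepended header is always followed by the device's own timestamp, as the pattern in `default/transforms.conf` suggests, anchoring on that is tighter: `SEDCMD-event_cleaner = s/^\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+\S+\s+(?=\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s)//`. With `connection_host = dns` the host token comes from a reverse lookup of the sender's address, so it is worth a comment above this line saying that the name is resolver-supplied and not an authenticated device identity.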
2 changes: 1 addition & 1 deletion default/transforms.conf
@@ -1,5 +1,5 @@
[pfsense_sourcetyper]
REGEX = ^\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+(\w+)(\[\d+\])?:
REGEX = ^(\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+\S+)?\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+(\w+)(\[\d+\])?:
DEST_KEY = MetaData:Sourcetype
FORMAT = sourcetype::pfsense:$1

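Review bot: The optional prefix added to `REGEX` (the second of the two `REGEX` lines, read here as the new side) is a capturing group, so the process name `(\w+)` becomes group 2 while `FORMAT = sourcetype::pfsense:$1` still reads group 1. The prefix also ends at `\S+` with no whitespace before the next `\w{3}`, so it cannot match a host token that is separated from the following timestamp by a space. In both cases `$1` would not hold the process name, so events would likely stop being routed to sourcetypes such as `pfsense:filterlog` and their field extractions would silently no longer apply. Making the group non-capturing and letting it consume the separator keeps `$1` on the process name: `REGEX = ^(?:\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+\S+\s+)?\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}\s+(\w+)(\[\d+\])?:`.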
