author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 17:44:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 17:44:55 +0000 |
commit | 5068d34c08f951a7ea6257d305a1627b09a95817 (patch) | |
tree | 08213e2be853396a3b07ce15dbe222644dcd9a89 /src/formats/sudo_log.json | |
parent | Initial commit. (diff) | |
download | lnav-5068d34c08f951a7ea6257d305a1627b09a95817.tar.xz lnav-5068d34c08f951a7ea6257d305a1627b09a95817.zip |
Adding upstream version 0.11.1.upstream/0.11.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/formats/sudo_log.json')
-rw-r--r-- | src/formats/sudo_log.json | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/src/formats/sudo_log.json b/src/formats/sudo_log.json
new file mode 100644
index 0000000..d2ee72c
--- /dev/null
+++ b/src/formats/sudo_log.json
@@ -0,0 +1,48 @@
+{
+ "$schema": "https://lnav.org/schemas/format-v1.schema.json",
+ "sudo_log": {
+ "title": "sudo",
+ "description": "The sudo privilege management tool.",
+ "url": "",
+ "regex": {
+ "std": {
+ "module-format": true,
+ "pattern": "^(?<login>\\S+)\\s*: (?:(?<error_msg>[^;]+);)?\\s*TTY=(?<tty>[^;]+)\\s+;\\s*PWD=(?<pwd>[^;]+)\\s+;\\s*USER=(?<user>[^;]+)\\s+;\\s*COMMAND=(?<command>.*)$"
+ }
+ },
+ "level-field": "error_msg",
+ "level": {
+ "error": ".+"
+ },
+ "value": {
+ "login": {
+ "kind": "string",
+ "identifier": true
+ },
+ "error_msg": {
+ "kind": "string"
+ },
+ "tty": {
+ "kind": "string"
+ },
+ "pwd": {
+ "kind": "string"
+ },
+ "user": {
+ "kind": "string",
+ "identifier": true
+ },
+ "command": {
+ "kind": "string"
+ }
+ },
+ "sample": [
+ {
+ "line": "stack : 3 incorrect password attempts ; TTY=ttys005 ; PWD=/Users/stack/ClionProjects/lbuild ; USER=root ; COMMAND=/bin/ls"
+ },
+ {
+ "line": "stack : TTY=ttys005 ; PWD=/Users/stack/ClionProjects/lbuild ; USER=root ; COMMAND=/bin/ls"
+ }
+ ]
+ }
+}
\ No newline at end of file |
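Review bot: The `std` pattern accepts only the fixed sequence TTY, PWD, USER, COMMAND, so a sudo entry with any other `KEY=value ;` field between USER and COMMAND will not match this format, and its `error_msg` will not be mapped to the `error` level. sudo can log such fields (for example `GROUP=` when a target group is given), so those entries would drop out of the structured view an analyst filters on. Consider allowing optional extra fields before COMMAND, for instance by inserting `(?:(?!COMMAND=)[A-Z_]+=[^;]+\\s+;\\s*)*` ahead of `COMMAND=`; the lookahead keeps a `;` inside the command text from being read as a field. The two `sample` lines cover only the password-failure and plain-success shapes, so a sample with an extra field and one with a denial message would let the format be checked against those cases. Separately, `error_msg` as written keeps the trailing space before the `;`, and `"url": ""` leaves the format without a documentation link.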