authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 17:44:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 17:44:55 +0000
commit5068d34c08f951a7ea6257d305a1627b09a95817 (patch)
tree08213e2be853396a3b07ce15dbe222644dcd9a89 /src/formats/sudo_log.json
parentInitial commit. (diff)
Adding upstream version 0.11.1.upstream/0.11.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/formats/sudo_log.json')
-rw-r--r--src/formats/sudo_log.json48
1 files changed, 48 insertions, 0 deletions
diff --git a/src/formats/sudo_log.json b/src/formats/sudo_log.json
new file mode 100644
index 0000000..d2ee72c
--- /dev/null
+++ b/src/formats/sudo_log.json
@@ -0,0 +1,48 @@
+{
+ "$schema": "https://lnav.org/schemas/format-v1.schema.json",
+ "sudo_log": {
+ "title": "sudo",
+ "description": "The sudo privilege management tool.",
+ "url": "",
+ "regex": {
+ "std": {
+ "module-format": true,
+ "pattern": "^(?<login>\\S+)\\s*: (?:(?<error_msg>[^;]+);)?\\s*TTY=(?<tty>[^;]+)\\s+;\\s*PWD=(?<pwd>[^;]+)\\s+;\\s*USER=(?<user>[^;]+)\\s+;\\s*COMMAND=(?<command>.*)$"
+ }
+ },
+ "level-field": "error_msg",
+ "level": {
+ "error": ".+"
+ },
+ "value": {
+ "login": {
+ "kind": "string",
+ "identifier": true
+ },
+ "error_msg": {
+ "kind": "string"
+ },
+ "tty": {
+ "kind": "string"
+ },
+ "pwd": {
+ "kind": "string"
+ },
+ "user": {
+ "kind": "string",
+ "identifier": true
+ },
+ "command": {
+ "kind": "string"
+ }
+ },
+ "sample": [
+ {
+ "line": "stack : 3 incorrect password attempts ; TTY=ttys005 ; PWD=/Users/stack/ClionProjects/lbuild ; USER=root ; COMMAND=/bin/ls"
+ },
+ {
+ "line": "stack : TTY=ttys005 ; PWD=/Users/stack/ClionProjects/lbuild ; USER=root ; COMMAND=/bin/ls"
+ }
+ ]
+ }
+}
\ No newline at end of file
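Review bot: The `std` pattern requires `COMMAND=` to follow directly after the `USER=` field, so a sudo entry that carries extra fields in between will not match this format. sudo can log `GROUP=`, `TSID=` and `ENV=` there (for example when a target group is given or I/O logging is enabled), and those entries would then lose the `login`, `user` and `command` fields that an audit query relies on. Consider accepting them before the command, e.g. `USER=(?<user>[^;]+)\\s+;\\s*(?:(?:GROUP|TSID|ENV)=[^;]+\\s+;\\s*)*COMMAND=(?<command>.*)$`, and add a `sample` line that exercises it. The two existing samples also cover only one failure message, so a denied-command line would be a useful third sample to pin the `error_msg` to `error` level mapping.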