author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 20:01:36 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 20:01:36 +0000 |
commit | 62e4c68907d8d33709c2c1f92a161dff00b3d5f2 (patch) | |
tree | adbbaf3acf88ea08f6eeec4b75ee98ad3b07fbdc /src/formats/sudo_log.json | |
parent | Initial commit. (diff) | |
download | lnav-62e4c68907d8d33709c2c1f92a161dff00b3d5f2.tar.xz lnav-62e4c68907d8d33709c2c1f92a161dff00b3d5f2.zip |
Adding upstream version 0.11.2.upstream/0.11.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/formats/sudo_log.json')
-rw-r--r-- | src/formats/sudo_log.json | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/src/formats/sudo_log.json b/src/formats/sudo_log.json
new file mode 100644
index 0000000..d2ee72c
--- /dev/null
+++ b/src/formats/sudo_log.json
@@ -0,0 +1,48 @@
+{
+ "$schema": "https://lnav.org/schemas/format-v1.schema.json",
+ "sudo_log": {
+ "title": "sudo",
+ "description": "The sudo privilege management tool.",
+ "url": "",
+ "regex": {
+ "std": {
+ "module-format": true,
+ "pattern": "^(?<login>\\S+)\\s*: (?:(?<error_msg>[^;]+);)?\\s*TTY=(?<tty>[^;]+)\\s+;\\s*PWD=(?<pwd>[^;]+)\\s+;\\s*USER=(?<user>[^;]+)\\s+;\\s*COMMAND=(?<command>.*)$"
+ }
+ },
+ "level-field": "error_msg",
+ "level": {
+ "error": ".+"
+ },
+ "value": {
+ "login": {
+ "kind": "string",
+ "identifier": true
+ },
+ "error_msg": {
+ "kind": "string"
+ },
+ "tty": {
+ "kind": "string"
+ },
+ "pwd": {
+ "kind": "string"
+ },
+ "user": {
+ "kind": "string",
+ "identifier": true
+ },
+ "command": {
+ "kind": "string"
+ }
+ },
+ "sample": [
+ {
+ "line": "stack : 3 incorrect password attempts ; TTY=ttys005 ; PWD=/Users/stack/ClionProjects/lbuild ; USER=root ; COMMAND=/bin/ls"
+ },
+ {
+ "line": "stack : TTY=ttys005 ; PWD=/Users/stack/ClionProjects/lbuild ; USER=root ; COMMAND=/bin/ls"
+ }
+ ]
+ }
+}
\ No newline at end of file |
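Review bot: The `std` pattern requires `USER=` to be followed directly by `; COMMAND=`, so a sudo line that carries any extra field between them will not match this format. sudo can log further fields in that position (for example `GROUP=`, `TSID=` or `ENV=`, depending on how it was invoked and configured), and both entries in `sample` cover only the four-field shape, so the gap is never exercised. Consider optional groups such as `(?:GROUP=(?<group>[^;]+)\\s+;\\s*)?` ahead of `COMMAND=`, each with a matching `value` entry and a sample line. Because `level-field` is taken from `error_msg`, a line that fails to match also never receives the `error` level, so anyone using this format to review privilege use would not see denied attempts in those shapes highlighted.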