26 lines
775 B
XML
26 lines
775 B
XML
<!-- Local Decoders -->
|
|
|
|
<!-- Modify it at your will. -->
|
|
|
|
<!--
|
|
- Allowed static fields:
|
|
- location - where the log came from (only on FTS)
|
|
- srcuser - extracts the source username
|
|
- dstuser - extracts the destination (target) username
|
|
- user - an alias to dstuser (only one of the two can be used)
|
|
- srcip - source ip
|
|
- dstip - dst ip
|
|
- srcport - source port
|
|
- dstport - destination port
|
|
- protocol - protocol
|
|
- id - event id
|
|
- url - url of the event
|
|
- action - event action (deny, drop, accept, etc)
|
|
- status - event status (success, failure, etc)
|
|
- extra_data - Any extra data
|
|
-->
|
|
|
|
<decoder name="sample_custom_decoder">
|
|
<program_name>sample_custom_decoder</program_name>
|
|
</decoder>
|