mirror of https://github.com/tstack/lnav
[prql] refinements
parent
20839cb85f
commit
398b17f0f6
@ -1,2 +1,7 @@
|
||||
|
||||
let json_each = func input -> s"SELECT * FROM json_each({input})"
|
||||
|
||||
let count_by = func column rel <relation> -> <relation> (
|
||||
rel
|
||||
group {column} (aggregate {total = count this})
|
||||
sort {-total}
|
||||
)
|
||||
|
@ -1,3 +1,3 @@
|
||||
{"log_line":0,"log_part":null,"log_time":"2009-07-20 22:59:26.000","log_idle_msecs":0,"log_level":"info","log_mark":0,"log_comment":null,"log_tags":null,"log_annotations":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/cgi/tramp","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":134,"sc_status":200,"cs_host":null}
|
||||
{"log_line":1,"log_part":null,"log_time":"2009-07-20 22:59:29.000","log_idle_msecs":3000,"log_level":"error","log_mark":0,"log_comment":null,"log_tags":null,"log_annotations":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkboot.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":46210,"sc_status":404,"cs_host":null}
|
||||
{"log_line":2,"log_part":null,"log_time":"2009-07-20 22:59:29.000","log_idle_msecs":0,"log_level":"info","log_mark":0,"log_comment":null,"log_tags":null,"log_annotations":null,"log_filters":null,"c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkernel.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":78929,"sc_status":200,"cs_host":null}
|
||||
{"log_line":0,"log_time":"2009-07-20 22:59:26.000","log_level":"info","c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/cgi/tramp","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":134,"sc_status":200,"cs_host":null,"log_part":null,"log_idle_msecs":0,"log_mark":0,"log_comment":null,"log_tags":null,"log_annotations":null,"log_filters":null}
|
||||
{"log_line":1,"log_time":"2009-07-20 22:59:29.000","log_level":"error","c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkboot.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":46210,"sc_status":404,"cs_host":null,"log_part":null,"log_idle_msecs":3000,"log_mark":0,"log_comment":null,"log_tags":null,"log_annotations":null,"log_filters":null}
|
||||
{"log_line":2,"log_time":"2009-07-20 22:59:29.000","log_level":"info","c_ip":"192.168.202.254","cs_method":"GET","cs_referer":"-","cs_uri_query":null,"cs_uri_stem":"/vmw/vSphere/default/vmkernel.gz","cs_user_agent":"gPXE/0.9.7","cs_username":"-","cs_version":"HTTP/1.0","sc_bytes":78929,"sc_status":200,"cs_host":null,"log_part":null,"log_idle_msecs":0,"log_mark":0,"log_comment":null,"log_tags":null,"log_annotations":null,"log_filters":null}
|
||||
|
@ -1,9 +1,9 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,<NULL>,2016-06-30 12:00:01.000,0,trace,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,<NULL>,2016-06-30 12:00:02.000,1000,debug,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,<NULL>,2016-06-30 12:00:03.000,1000,debug2,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
3,<NULL>,2016-06-30 12:00:04.000,1000,debug3,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
4,<NULL>,2016-06-30 12:00:05.000,1000,info,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
5,<NULL>,2016-06-30 12:00:06.000,1000,warning,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
6,<NULL>,2016-06-30 12:00:07.000,1000,fatal,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
7,<NULL>,2016-06-30 12:00:08.000,1000,info,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
log_line,log_time,log_level,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2016-06-30 12:00:01.000,trace,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2016-06-30 12:00:02.000,debug,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2016-06-30 12:00:03.000,debug2,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
3,2016-06-30 12:00:04.000,debug3,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
4,2016-06-30 12:00:05.000,info,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
5,2016-06-30 12:00:06.000,warning,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
6,2016-06-30 12:00:07.000,fatal,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
7,2016-06-30 12:00:08.000,info,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
|
@ -1,14 +1,14 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,@fields/user,@fields/trace#
|
||||
0,<NULL>,2013-09-06 20:00:48.124,0,trace,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,<NULL>,2013-09-06 20:00:49.124,1000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
4,<NULL>,2013-09-06 22:00:49.124,7200000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,steve@example.com,<NULL>
|
||||
7,<NULL>,2013-09-06 22:00:59.124,10000,debug5,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
9,<NULL>,2013-09-06 22:00:59.124,0,debug4,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
11,<NULL>,2013-09-06 22:00:59.124,0,debug3,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
13,<NULL>,2013-09-06 22:00:59.124,0,debug2,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
15,<NULL>,2013-09-06 22:00:59.124,0,debug,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
17,<NULL>,2013-09-06 22:01:49.124,50000,stats,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
19,<NULL>,2013-09-06 22:01:49.124,0,warning,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
21,<NULL>,2013-09-06 22:01:49.124,0,error,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
23,<NULL>,2013-09-06 22:01:49.124,0,critical,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
25,<NULL>,2013-09-06 22:01:49.124,0,fatal,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,line:1
|
||||
log_line,log_time,log_level,@fields/user,@fields/trace#,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2013-09-06 20:00:48.124,trace,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2013-09-06 20:00:49.124,info,<NULL>,<NULL>,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
4,2013-09-06 22:00:49.124,info,steve@example.com,<NULL>,<NULL>,7200000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
7,2013-09-06 22:00:59.124,debug5,<NULL>,<NULL>,<NULL>,10000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
9,2013-09-06 22:00:59.124,debug4,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
11,2013-09-06 22:00:59.124,debug3,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
13,2013-09-06 22:00:59.124,debug2,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
15,2013-09-06 22:00:59.124,debug,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
17,2013-09-06 22:01:49.124,stats,<NULL>,<NULL>,<NULL>,50000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
19,2013-09-06 22:01:49.124,warning,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
21,2013-09-06 22:01:49.124,error,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
23,2013-09-06 22:01:49.124,critical,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
25,2013-09-06 22:01:49.124,fatal,<NULL>,line:1,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
|
@ -1,4 +1,4 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,user,cl
|
||||
0,<NULL>,2013-09-06 20:00:49.124,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,com.exmaple.foo
|
||||
1,<NULL>,2013-09-06 22:00:49.124,7200000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,steve@example.com,com.exmaple.foo
|
||||
3,<NULL>,2013-09-06 22:01:49.124,60000,error,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,com.exmaple.foo
|
||||
log_line,log_time,log_level,user,cl,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2013-09-06 20:00:49.124,info,<NULL>,com.exmaple.foo,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2013-09-06 22:00:49.124,info,steve@example.com,com.exmaple.foo,<NULL>,7200000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
3,2013-09-06 22:01:49.124,error,<NULL>,com.exmaple.foo,<NULL>,60000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
|
@ -1,14 +1,14 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,arr,obj,lvl,user
|
||||
0,<NULL>,2013-09-06 20:00:48.124,0,trace,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,TRACE,<NULL>
|
||||
2,<NULL>,2013-09-06 20:00:49.124,1000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,INFO,<NULL>
|
||||
4,<NULL>,2013-09-06 22:00:49.124,7200000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,INFO,steve@example.com
|
||||
7,<NULL>,2013-09-06 22:00:59.124,10000,debug5,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,DEBUG5,<NULL>
|
||||
9,<NULL>,2013-09-06 22:00:59.124,0,debug4,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,DEBUG4,<NULL>
|
||||
11,<NULL>,2013-09-06 22:00:59.124,0,debug3,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,DEBUG3,<NULL>
|
||||
13,<NULL>,2013-09-06 22:00:59.124,0,debug2,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,DEBUG2,<NULL>
|
||||
15,<NULL>,2013-09-06 22:01:00.000,876,debug,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,DEBUG,<NULL>
|
||||
17,<NULL>,2013-09-06 22:01:49.124,49124,stats,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,STATS,<NULL>
|
||||
19,<NULL>,2013-09-06 22:01:49.124,0,warning,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,WARNING,<NULL>
|
||||
21,<NULL>,2013-09-06 22:01:49.124,0,error,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,ERROR,<NULL>
|
||||
23,<NULL>,2013-09-06 22:01:49.124,0,critical,0,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,CRITICAL,<NULL>
|
||||
25,<NULL>,2013-09-06 22:01:49.124,0,fatal,0,<NULL>,<NULL>,<NULL>,<NULL>,"[""hi"", {""sub1"": true}]","{ ""field1"" : ""hi"", ""field2"": 2 }",FATAL,<NULL>
|
||||
log_line,log_time,log_level,arr,obj,lvl,user,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2013-09-06 20:00:48.124,trace,<NULL>,<NULL>,TRACE,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2013-09-06 20:00:49.124,info,<NULL>,<NULL>,INFO,<NULL>,<NULL>,1000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
4,2013-09-06 22:00:49.124,info,<NULL>,<NULL>,INFO,steve@example.com,<NULL>,7200000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
7,2013-09-06 22:00:59.124,debug5,<NULL>,<NULL>,DEBUG5,<NULL>,<NULL>,10000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
9,2013-09-06 22:00:59.124,debug4,<NULL>,<NULL>,DEBUG4,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
11,2013-09-06 22:00:59.124,debug3,<NULL>,<NULL>,DEBUG3,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
13,2013-09-06 22:00:59.124,debug2,<NULL>,<NULL>,DEBUG2,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
15,2013-09-06 22:01:00.000,debug,<NULL>,<NULL>,DEBUG,<NULL>,<NULL>,876,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
17,2013-09-06 22:01:49.124,stats,<NULL>,<NULL>,STATS,<NULL>,<NULL>,49124,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
19,2013-09-06 22:01:49.124,warning,<NULL>,<NULL>,WARNING,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
21,2013-09-06 22:01:49.124,error,<NULL>,<NULL>,ERROR,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
23,2013-09-06 22:01:49.124,critical,<NULL>,<NULL>,CRITICAL,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
25,2013-09-06 22:01:49.124,fatal,"[""hi"", {""sub1"": true}]","{ ""field1"" : ""hi"", ""field2"": 2 }",FATAL,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
|
@ -1,4 +1,4 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,client_ip,request/method,request/uri,request/size,response/status,response/size,details1,details2,details3
|
||||
0,<NULL>,2017-03-24 20:06:26.240,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,1.1.1.1,GET,/example/uri/5,166,200,443,<NULL>,<NULL>,<NULL>
|
||||
1,<NULL>,2017-03-24 20:12:47.764,381524,critical,0,<NULL>,<NULL>,<NULL>,<NULL>,1.1.1.1,GET,/example/uri/5,166,500,4433,<NULL>,<NULL>,<NULL>
|
||||
2,<NULL>,2017-03-24 20:15:31.694,163930,warning,0,<NULL>,<NULL>,<NULL>,<NULL>,1.1.1.1,GET,/example/uri/5,166,400,44345,"{""foo"": ""bar""}","{""foo"": ""bar""}","{""foo"": ""bar""}"
|
||||
log_line,log_time,log_level,client_ip,request/method,request/uri,request/size,response/status,response/size,details1,details2,details3,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2017-03-24 20:06:26.240,info,1.1.1.1,GET,/example/uri/5,166,200,443,<NULL>,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2017-03-24 20:12:47.764,critical,1.1.1.1,GET,/example/uri/5,166,500,4433,<NULL>,<NULL>,<NULL>,<NULL>,381524,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2017-03-24 20:15:31.694,warning,1.1.1.1,GET,/example/uri/5,166,400,44345,"{""foo"": ""bar""}","{""foo"": ""bar""}","{""foo"": ""bar""}",<NULL>,163930,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
|
@ -1,4 +1,4 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,client_ip,request/method,request/uri,request/size,response/status,response/size,details1,details2,details3
|
||||
0,<NULL>,2017-03-24 16:06:26.240,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,1.1.1.1,GET,/example/uri/5,166,200,443,<NULL>,<NULL>,<NULL>
|
||||
1,<NULL>,2017-03-24 16:12:47.764,381524,critical,0,<NULL>,<NULL>,<NULL>,<NULL>,1.1.1.1,GET,/example/uri/5,166,500,4433,<NULL>,<NULL>,<NULL>
|
||||
2,<NULL>,2017-03-24 16:15:31.694,163930,warning,0,<NULL>,<NULL>,<NULL>,<NULL>,1.1.1.1,GET,/example/uri/5,166,400,44345,"{""foo"": ""bar""}","{""foo"": ""bar""}","{""foo"": ""bar""}"
|
||||
log_line,log_time,log_level,client_ip,request/method,request/uri,request/size,response/status,response/size,details1,details2,details3,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2017-03-24 16:06:26.240,info,1.1.1.1,GET,/example/uri/5,166,200,443,<NULL>,<NULL>,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2017-03-24 16:12:47.764,critical,1.1.1.1,GET,/example/uri/5,166,500,4433,<NULL>,<NULL>,<NULL>,<NULL>,381524,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2017-03-24 16:15:31.694,warning,1.1.1.1,GET,/example/uri/5,166,400,44345,"{""foo"": ""bar""}","{""foo"": ""bar""}","{""foo"": ""bar""}",<NULL>,163930,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
|
@ -1,3 +1,3 @@
|
||||
log_line log_part log_time log_idle_msecs log_level log_mark log_comment log_tags log_annotations log_filters col_0 col_1
|
||||
0 <NULL> 2021-05-19 08:00:01.000 0 info 0 <NULL> <NULL> <NULL> <NULL> 1 /abc/def
|
||||
2 <NULL> 2021-05-19 08:00:03.000 2000 info 0 <NULL> <NULL> <NULL> <NULL> 3 /ghi/jkl
|
||||
log_line log_time log_level col_0 col_1 log_part log_idle_msecs log_mark log_comment log_tags log_annotations log_filters
|
||||
0 2021-05-19 08:00:01.000 info 1 /abc/def <NULL> 0 0 <NULL> <NULL> <NULL> <NULL>
|
||||
2 2021-05-19 08:00:03.000 info 3 /ghi/jkl <NULL> 2000 0 <NULL> <NULL> <NULL> <NULL>
|
||||
|
@ -0,0 +1,3 @@
|
||||
group_concat(cs_uri_stem),sc_status
|
||||
"/vmw/cgi/tramp,/vmw/vSphere/default/vmkernel.gz",200
|
||||
/vmw/vSphere/default/vmkboot.gz,404
|
@ -0,0 +1,46 @@
|
||||
[
|
||||
{
|
||||
"log_line": 0,
|
||||
"log_time": "2014-06-15 01:04:52.000",
|
||||
"log_level": "info",
|
||||
"contextid": "82e87195d704585501",
|
||||
"data": "http://localhost:8086|/|<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"s2daac0735bf476f4560aab81104b623bedfb0cbc0\" InResponseTo=\"84cbf2be33f6410bbe55877545a93f02\" Version=\"2.0\" IssueInstant=\"2014-06-15T01:04:52Z\" Destination=\"http://localhost:8086/api/1/rest/admin/org/530e42ccd6f45fd16d0d0717/saml/consume\"><saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">http://openam.vagrant.dev/openam</saml:Issuer><samlp:Status xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">\\n<samlp:StatusCode xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"\\nValue=\"urn:oasis:names:tc:SAML:2.0:status:Success\">\\n</samlp:StatusCode>\\n</samlp:Status><saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"s2a0bee0da937e236167e99b209802056033816ac2\" IssueInstant=\"2014-06-15T01:04:52Z\" Version=\"2.0\">\\n<saml:Issuer>http://openam.vagrant.dev/openam</saml:Issuer><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\\n<ds:SignedInfo>\\n<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\\n<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>\\n<ds:Reference URI=\"#s2a0bee0da937e236167e99b209802056033816ac2\">\\n<ds:Transforms>\\n<ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>\\n<ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\\n</ds:Transforms>\\n<ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>\\n<ds:DigestValue>4uSmVzjovUdQd3px/RcnoxQBsqE=</ds:DigestValue>\\n</ds:Reference>\\n</ds:SignedInfo>\\n<ds:SignatureValue>\\nhm/grge36uA6j1OWif2bTcvVTwESjmuJa27NxepW0AiV5YlcsHDl7RAIk6k/CjsSero3bxGbm56m\\nYncOEi9F1Tu7dS0bfx+vhm/kKTPgwZctf4GWn4qQwP+KeoZywbNj9ShsYJ+zPKzXwN4xBSuPjMxP\\nNf5szzjEWpOndQO/uDs=\\n</ds:SignatureValue>\\n<ds:KeyInfo>\\n<ds:X509Data>\\n<ds:X509Certificate>\\nMIICQDCCAakCBEeNB0swDQYJKoZIhvcNAQEEBQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh\\nbGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMQwwCgYDVQQKEwNTdW4xEDAOBgNVBAsTB09w\\nZW5TU08xDTALBgNVBAMTBHRlc3QwHhcNMDgwMTE1MTkxOTM5WhcNMTgwMTEyMTkxOTM5WjBnMQsw\\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExDDAK\\nBgNVBAoTA1N1bjEQMA4GA1UECxMHT3BlblNTTzENMAsGA1UEAxMEdGVzdDCBnzANBgkqhkiG9w0B\\nAQEFAAOBjQAwgYkCgYEArSQc/U75GB2AtKhbGS5piiLkmJzqEsp64rDxbMJ+xDrye0EN/q1U5Of+\\nRkDsaN/igkAvV1cuXEgTL6RlafFPcUX7QxDhZBhsYF9pbwtMzi4A4su9hnxIhURebGEmxKW9qJNY\\nJs0Vo5+IgjxuEWnjnnVgHTs1+mq5QYTA7E6ZyL8CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB3Pw/U\\nQzPKTPTYi9upbFXlrAKMwtFf2OW4yvGWWvlcwcNSZJmTJ8ARvVYOMEVNbsT4OFcfu2/PeYoAdiDA\\ncGy/F2Zuj8XJJpuQRSE6PtQqBuDEHjjmOQJ0rV/r8mO1ZCtHRhpZ5zYRjhRC9eCbjx9VrFax0JDC\\n/FfwWigmrW0Y0Q==\\n</ds:X509Certificate>\\n</ds:X509Data>\\n</ds:KeyInfo>\\n</ds:Signature><saml:Subject>\\n<saml:NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\" NameQualifier=\"http://openam.vagrant.dev/openam\">user@example.com</saml:NameID><saml:SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\">\\n<saml:SubjectConfirmationData InResponseTo=\"84cbf2be33f6410bbe55877545a93f02\" NotOnOrAfter=\"2014-06-15T01:14:52Z\" Recipient=\"http://localhost:8086/api/1/rest/admin/org/530e42ccd6f45fd16d0d0717/saml/consume\"/></saml:SubjectConfirmation>\\n</saml:Subject><saml:Conditions NotBefore=\"2014-06-15T00:54:52Z\" NotOnOrAfter=\"2014-06-15T01:14:52Z\">\\n<saml:AudienceRestriction>\\n<saml:Audience>http://localhost:8086</saml:Audience>\\n</saml:AudienceRestriction>\\n</saml:Conditions>\\n<saml:AuthnStatement AuthnInstant=\"2014-06-15T01:00:25Z\" SessionIndex=\"s2f9b4d4b453d12b40ef3905cc959cdb40579c2301\"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement></saml:Assertion></samlp:Response>",
|
||||
"domain": "dc=openam",
|
||||
"hostname": "192.168.33.1\t",
|
||||
"ipaddr": "Not Available",
|
||||
"loggedby": "cn=dsameuser,ou=DSAME Users,dc=openam",
|
||||
"loginid": "id=openamuser,ou=user,dc=openam",
|
||||
"messageid": "SAML2-37",
|
||||
"modulename": "SAML2.access",
|
||||
"nameid": "user@example.com",
|
||||
"log_part": null,
|
||||
"log_idle_msecs": 0,
|
||||
"log_mark": 0,
|
||||
"log_comment": null,
|
||||
"log_tags": null,
|
||||
"log_annotations": null,
|
||||
"log_filters": null
|
||||
},
|
||||
{
|
||||
"log_line": 1,
|
||||
"log_time": "2014-06-15 01:04:52.000",
|
||||
"log_level": "trace",
|
||||
"contextid": "ec5708a7f199678a01",
|
||||
"data": "vagrant|/",
|
||||
"domain": "dc=openam",
|
||||
"hostname": "127.0.1.1\t",
|
||||
"ipaddr": "Not Available",
|
||||
"loggedby": "cn=dsameuser,ou=DSAME Users,dc=openam",
|
||||
"loginid": "cn=dsameuser,ou=DSAME Users,dc=openam",
|
||||
"messageid": "COT-22",
|
||||
"modulename": "COT.access",
|
||||
"nameid": "Not Available",
|
||||
"log_part": null,
|
||||
"log_idle_msecs": 0,
|
||||
"log_mark": 0,
|
||||
"log_comment": null,
|
||||
"log_tags": null,
|
||||
"log_annotations": null,
|
||||
"log_filters": null
|
||||
}
|
||||
]
|
@ -0,0 +1,23 @@
|
||||
[
|
||||
{
|
||||
"cs_headers": {
|
||||
"User-Agent": "Mozilla/5.0 (Linux; Android 4.4.4; SM-G900V Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.59 Mobile Safari/537.36",
|
||||
"Referer": "http://example.com/Search/SearchResults.pg?informationRecipient.languageCode.c=en",
|
||||
"Host": "xzy.example.com"
|
||||
}
|
||||
},
|
||||
{
|
||||
"cs_headers": {
|
||||
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
|
||||
"Referer": null,
|
||||
"Host": "example.hello.com"
|
||||
}
|
||||
},
|
||||
{
|
||||
"cs_headers": {
|
||||
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36",
|
||||
"Referer": null,
|
||||
"Host": "hello.example.com"
|
||||
}
|
||||
}
|
||||
]
|
@ -0,0 +1,2 @@
|
||||
name,content,length(content)
|
||||
logfile_empty.0,,0
|
@ -0,0 +1,5 @@
|
||||
log_line,log_time,log_level,log_hostname,log_msgid,log_pid,log_pri,log_procname,log_struct,log_syslog_tag,syslog_version,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2007-11-03 09:23:38.000,error,veridian,<NULL>,7998,<NULL>,automount,<NULL>,automount[7998],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2007-11-03 09:23:38.000,info,veridian,<NULL>,16442,<NULL>,automount,<NULL>,automount[16442],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2007-11-03 09:23:38.000,error,veridian,<NULL>,7999,<NULL>,automount,<NULL>,automount[7999],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
3,2007-11-03 09:47:02.000,info,veridian,<NULL>,<NULL>,<NULL>,sudo,<NULL>,sudo,<NULL>,<NULL>,1404000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
@ -0,0 +1,40 @@
|
||||
[
|
||||
{
|
||||
"fields": {
|
||||
"namespace": "inc-1-enh-domain-c14-ns-2",
|
||||
"pod": "hello-inc-1-enh-domain-c14-ns-2-3-d8f465685-k75gp",
|
||||
"reason": "",
|
||||
"status": "Pending"
|
||||
}
|
||||
},
|
||||
{
|
||||
"fields": {
|
||||
"error": "pod inc-1-domain-c14-ns-6/fe-inc-1-domain-c14-ns-6-5-656d9bb695-4584b is not found: PodNotFound",
|
||||
"namespace": "inc-1-domain-c14-ns-6",
|
||||
"pod": "fe-inc-1-domain-c14-ns-6-5-656d9bb695-4584b",
|
||||
"uid": "be2def59-3a08-42fd-8f84-6f64cfcefa93"
|
||||
}
|
||||
},
|
||||
{
|
||||
"fields": {
|
||||
"namespace": "inc-1-domain-c14-ns-6",
|
||||
"pod": "fe-inc-1-domain-c14-ns-6-5-656d9bb695-4584b",
|
||||
"uid": "be2def59-3a08-42fd-8f84-6f64cfcefa93"
|
||||
}
|
||||
},
|
||||
{
|
||||
"fields": {
|
||||
"namespace": "inc-1-domain-c14-ns-6",
|
||||
"pod": "fe-inc-1-domain-c14-ns-6-5-656d9bb695-4584b",
|
||||
"uid": "be2def59-3a08-42fd-8f84-6f64cfcefa93"
|
||||
}
|
||||
},
|
||||
{
|
||||
"fields": {
|
||||
"namespace": "inc-1-enh-domain-c14-ns-2",
|
||||
"pod": "hello-inc-1-enh-domain-c14-ns-2-7-5ddd6bcd69-6rqct",
|
||||
"reason": "",
|
||||
"status": "Pending"
|
||||
}
|
||||
}
|
||||
]
|
@ -0,0 +1,2 @@
|
||||
log_line,log_time,log_level,bro_ts,bro_uid,bro_id_orig_h,bro_id_orig_p,bro_id_resp_h,bro_id_resp_p,bro_trans_depth,bro_method,bro_host,bro_uri,bro_referrer,bro_version,bro_user_agent,bro_request_body_len,bro_response_body_len,bro_status_code,bro_status_msg,bro_info_code,bro_info_msg,bro_tags,bro_username,bro_password,bro_proxied,bro_orig_fuids,bro_orig_filenames,bro_orig_mime_types,bro_resp_fuids,bro_resp_filenames,bro_resp_mime_types,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
118,2011-11-03 00:19:49.337,error,1320279589.337053,CBHHuR1xFnm5C5CQBc,192.168.2.76,52074,74.125.225.76,80,1,GET,i4.ytimg.com,/vi/gDbg_GeuiSY/hqdefault.jpg,<NULL>,1.1,Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1,0,893,404,Not Found,<NULL>,<NULL>,,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,F2GiAw3j1m22R2yIg2,<NULL>,image/jpeg,<NULL>,18,0,<NULL>,<NULL>,<NULL>,<NULL>
|
@ -1,2 +1,2 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,log_hostname,log_msgid,log_pid,log_pri,log_procname,log_struct,log_syslog_tag,syslog_version,col_0,TTY,PWD,USER,COMMAND
|
||||
0,<NULL>,2007-11-03 09:47:02.000,0,info,0,<NULL>,<NULL>,<NULL>,[1],veridian,<NULL>,<NULL>,<NULL>,sudo,<NULL>,sudo,<NULL>,timstack,pts/6,/auto/wstimstack/rpms/lbuild/test,root,/usr/bin/tail /var/log/messages
|
||||
log_line,log_time,log_level,log_hostname,log_msgid,log_pid,log_pri,log_procname,log_struct,log_syslog_tag,syslog_version,col_0,TTY,PWD,USER,COMMAND,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2007-11-03 09:47:02.000,info,veridian,<NULL>,<NULL>,<NULL>,sudo,<NULL>,sudo,<NULL>,timstack,pts/6,/auto/wstimstack/rpms/lbuild/test,root,/usr/bin/tail /var/log/messages,<NULL>,0,0,<NULL>,<NULL>,<NULL>,[1]
|
||||
|
@ -0,0 +1,11 @@
|
||||
[
|
||||
{
|
||||
"sc_substatus": 0
|
||||
},
|
||||
{
|
||||
"sc_substatus": 0
|
||||
},
|
||||
{
|
||||
"sc_substatus": null
|
||||
}
|
||||
]
|
@ -0,0 +1,4 @@
|
||||
log_line,log_time,log_level,log_msg_format,log_msg_values,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters,log_msg_schema
|
||||
0,2015-11-03 09:23:38.000,info,# is up,"{""col_0"":""eth0""}",<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,ce6143108d22799c9c7a994e21e7302e
|
||||
1,2015-11-03 09:23:38.000,info,# is up,"{""col_0"":""eth1""}",<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,ce6143108d22799c9c7a994e21e7302e
|
||||
2,2015-11-03 09:23:38.000,info,# is down,"{""col_0"":""eth0""}",<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,83cd119b5b6f7e79abff4d28946b7a61
|
@ -0,0 +1,3 @@
|
||||
log_line,log_time,log_level,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
1,2015-03-24 14:02:50.000,info,127.0.0.1,GET,<NULL>,<NULL>,/includes/js/combined-javascript.js,<NULL>,-,HTTP/1.1,65508,200,<NULL>,<NULL>,6927348000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2015-03-24 14:02:50.000,error,127.0.0.1,GET,<NULL>,<NULL>,/bad.foo,<NULL>,-,HTTP/1.1,65508,404,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
@ -0,0 +1,10 @@
|
||||
node_text
|
||||
"Gambardella, Matthew"
|
||||
"Ralls, Kim"
|
||||
"Corets, Eva"
|
||||
"Randall, Cynthia"
|
||||
"Thurman, Paula"
|
||||
"Knorr, Stefan"
|
||||
"Kress, Peter"
|
||||
"O'Brien, Tim"
|
||||
"Galos, Mike"
|
@ -0,0 +1,6 @@
|
||||
log_line,log_time,log_level,bro_ts,bro_uid,bro_id_orig_h,bro_id_orig_p,bro_id_resp_h,bro_id_resp_p,bro_trans_depth,bro_method,bro_host,bro_uri,bro_referrer,bro_version,bro_user_agent,bro_request_body_len,bro_response_body_len,bro_status_code,bro_status_msg,bro_info_code,bro_info_msg,bro_tags,bro_username,bro_password,bro_proxied,bro_orig_fuids,bro_orig_filenames,bro_orig_mime_types,bro_resp_fuids,bro_resp_filenames,bro_resp_mime_types,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2011-11-03 00:19:26.452,info,1320279566.452687,CwFs1P2UcUdlSxD2La,192.168.2.76,52026,132.235.215.119,80,1,GET,www.reddit.com,/,<NULL>,1.1,Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1,0,109978,200,OK,<NULL>,<NULL>,,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,Ftw3fJ2JJF3ntMTL2,<NULL>,text/html,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2011-11-03 00:19:26.831,info,1320279566.831619,CJxSUgkInyKSHiju1,192.168.2.76,52030,72.21.211.173,80,1,GET,e.thumbs.redditmedia.com,/E-pbDbmiBclPkDaX.jpg,http://www.reddit.com/,1.1,Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1,0,2300,200,OK,<NULL>,<NULL>,,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,FFTf9Zdgk3YkfCKo3,<NULL>,image/jpeg,<NULL>,379,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2011-11-03 00:19:26.831,info,1320279566.831563,CJwUi9bdB9c1lLW44,192.168.2.76,52029,72.21.211.173,80,1,GET,f.thumbs.redditmedia.com,/BP5bQfy4o-C7cF6A.jpg,http://www.reddit.com/,1.1,Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1,0,2272,200,OK,<NULL>,<NULL>,,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,FfXtOj3o7aub4vbs2j,<NULL>,image/jpeg,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
3,2011-11-03 00:19:26.831,info,1320279566.831473,CoX7zA3OJKGUOSCBY2,192.168.2.76,52027,72.21.211.173,80,1,GET,e.thumbs.redditmedia.com,/SVUtep3Rhg5FTRn4.jpg,http://www.reddit.com/,1.1,Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1,0,2562,200,OK,<NULL>,<NULL>,,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,F21Ybs3PTqS6O4Q2Zh,<NULL>,image/jpeg,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
4,2011-11-03 00:19:26.831,info,1320279566.831643,CT0JIh479jXIGt0Po1,192.168.2.76,52031,72.21.211.173,80,1,GET,f.thumbs.redditmedia.com,/uuy31444rLSyKdHS.jpg,http://www.reddit.com/,1.1,Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1,0,1595,200,OK,<NULL>,<NULL>,,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,Fdk0MZ1wQmKWAJ4WH4,<NULL>,image/jpeg,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
@ -0,0 +1,11 @@
|
||||
duration,bro_uid,req
|
||||
116.438679,CwFs1P2UcUdlSxD2La,GET www.reddit.com
|
||||
115.202498,CdZUPH2DKOE7zzCLE3,GET feeds.bbci.co.uk
|
||||
115.121914,CdrfXZ1NOFPEawF218,GET c.thumbs.redditmedia.com
|
||||
115.121837,CoX7zA3OJKGUOSCBY2,GET e.thumbs.redditmedia.com
|
||||
115.12181,CJxSUgkInyKSHiju1,GET e.thumbs.redditmedia.com
|
||||
115.121506,CT0JIh479jXIGt0Po1,GET f.thumbs.redditmedia.com
|
||||
115.121339,CJwUi9bdB9c1lLW44,GET f.thumbs.redditmedia.com
|
||||
115.119217,C6Q4Vm14ZJIlZhsXqk,GET a.thumbs.redditmedia.com
|
||||
72.274459,CbNCgO1MzloHRNeY4f,GET www.google.com
|
||||
71.658218,CnGze54kQWWpKqrrZ4,GET ajax.googleapis.com
|
@ -0,0 +1,2 @@
|
||||
log_line,log_time,log_level,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
1,2009-07-20 22:59:29.000,error,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404,<NULL>,<NULL>,3000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
@ -0,0 +1,4 @@
|
||||
log_line,log_time,log_level,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters
|
||||
0,2009-07-20 22:59:26.000,info,192.168.202.254,GET,-,<NULL>,/vmw/cgi/tramp,gPXE/0.9.7,-,HTTP/1.0,134,200,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
1,2009-07-20 22:59:29.000,error,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404,<NULL>,<NULL>,3000,0,<NULL>,<NULL>,<NULL>,<NULL>
|
||||
2,2009-07-20 22:59:29.000,info,192.168.202.254,GET,-,<NULL>,/vmw/vSphere/default/vmkernel.gz,gPXE/0.9.7,-,HTTP/1.0,78929,200,<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>
|
@ -1,27 +1,27 @@
|
||||
log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_annotations,log_filters,log_hostname,log_msgid,log_pid,log_pri,log_procname,log_struct,log_syslog_tag,syslog_version,match_index,content
|
||||
2,<NULL>,2022-08-16 00:32:15.000,199000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,0,"{""value"":""com.apple.cdscheduler""}"
|
||||
2,<NULL>,2022-08-16 00:32:15.000,199000,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,1,"{""value"":"" claims selected messages.\n\tThose messages may not appear in standard system log files or in the ASL database.""}"
|
||||
5,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,0,"{""value"":""com.apple.install""}"
|
||||
5,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,1,"{""value"":"" claims selected messages.\n\tThose messages may not appear in standard system log files or in the ASL database.""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,0,"{""value"":""com.apple.authd""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,1,"{""value"":"" sharing output destination ""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,2,"{""value"":""/var/log/asl""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,3,"{""value"":"" with ASL Module ""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,4,"{""value"":""com.apple.asl""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,5,"{""value"":"".\n\tOutput parameters from ASL Module ""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,6,"{""value"":""com.apple.asl""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,7,"{""value"":"" override any specified in ASL Module ""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,8,"{""value"":""com.apple.authd""}"
|
||||
8,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,9,"{""value"":"".""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,0,"{""value"":""com.apple.authd""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,1,"{""value"":"" sharing output destination ""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,2,"{""value"":""/var/log/system.log""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,3,"{""value"":"" with ASL Module ""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,4,"{""value"":""com.apple.asl""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,5,"{""value"":"".\n\tOutput parameters from ASL Module ""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,6,"{""value"":""com.apple.asl""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,7,"{""value"":"" override any specified in ASL Module ""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,8,"{""value"":""com.apple.authd""}"
|
||||
11,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,9,"{""value"":"".""}"
|
||||
14,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,0,"{""value"":""com.apple.authd""}"
|
||||
14,<NULL>,2022-08-16 00:32:15.000,0,info,0,<NULL>,<NULL>,<NULL>,<NULL>,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,1,"{""value"":"" claims selected messages.\n\tThose messages may not appear in standard system log files or in the ASL database.""}"
|
||||
log_line,log_time,log_level,log_hostname,log_msgid,log_pid,log_pri,log_procname,log_struct,log_syslog_tag,syslog_version,log_part,log_idle_msecs,log_mark,log_comment,log_tags,log_annotations,log_filters,match_index,content
|
||||
2,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,199000,0,<NULL>,<NULL>,<NULL>,<NULL>,0,"{""value"":""com.apple.cdscheduler""}"
|
||||
2,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,199000,0,<NULL>,<NULL>,<NULL>,<NULL>,1,"{""value"":"" claims selected messages.\n\tThose messages may not appear in standard system log files or in the ASL database.""}"
|
||||
5,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,0,"{""value"":""com.apple.install""}"
|
||||
5,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,1,"{""value"":"" claims selected messages.\n\tThose messages may not appear in standard system log files or in the ASL database.""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,0,"{""value"":""com.apple.authd""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,1,"{""value"":"" sharing output destination ""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,2,"{""value"":""/var/log/asl""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,3,"{""value"":"" with ASL Module ""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,4,"{""value"":""com.apple.asl""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,5,"{""value"":"".\n\tOutput parameters from ASL Module ""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,6,"{""value"":""com.apple.asl""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,7,"{""value"":"" override any specified in ASL Module ""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,8,"{""value"":""com.apple.authd""}"
|
||||
8,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,9,"{""value"":"".""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,0,"{""value"":""com.apple.authd""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,1,"{""value"":"" sharing output destination ""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,2,"{""value"":""/var/log/system.log""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,3,"{""value"":"" with ASL Module ""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,4,"{""value"":""com.apple.asl""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,5,"{""value"":"".\n\tOutput parameters from ASL Module ""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,6,"{""value"":""com.apple.asl""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,7,"{""value"":"" override any specified in ASL Module ""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,8,"{""value"":""com.apple.authd""}"
|
||||
11,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,9,"{""value"":"".""}"
|
||||
14,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,0,"{""value"":""com.apple.authd""}"
|
||||
14,2022-08-16 00:32:15.000,info,Tims-Air,<NULL>,314,<NULL>,syslogd,<NULL>,syslogd[314],<NULL>,<NULL>,0,0,<NULL>,<NULL>,<NULL>,<NULL>,1,"{""value"":"" claims selected messages.\n\tThose messages may not appear in standard system log files or in the ASL database.""}"
|
||||
|
Loading…
Reference in New Issue