diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2011-03-04 16:21:18 +0100 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2011-03-04 16:21:18 +0100 |
| commit | ab2129c185c917af3ce45facb69751c4c8415fce (patch) | |
| tree | 7e75bbbdf1075ecee12c07d2f64fd68d66f469bc /tests/testsuites/samples.snare_ccoff_udp | |
| parent | 062c1ffbdce422c0df3b5314d25d935f1bd2a9e1 (diff) | |
| download | rsyslog-ab2129c185c917af3ce45facb69751c4c8415fce.tar.gz rsyslog-ab2129c185c917af3ce45facb69751c4c8415fce.tar.xz rsyslog-ab2129c185c917af3ce45facb69751c4c8415fce.zip | |
changed testbench parser patterns for more usual system config
a problem in the current testbench is that it depends on the locally
assigned system name. We have changed the default to the most common
default value. However, in the long term we need to fix this (and will
do so via a preloaded DNS cache, which we do not yet have!)
Diffstat (limited to 'tests/testsuites/samples.snare_ccoff_udp')
| -rw-r--r-- | tests/testsuites/samples.snare_ccoff_udp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/testsuites/samples.snare_ccoff_udp b/tests/testsuites/samples.snare_ccoff_udp index 010e44d5..1ae7e8b4 100644 --- a/tests/testsuites/samples.snare_ccoff_udp +++ b/tests/testsuites/samples.snare_ccoff_udp @@ -3,7 +3,7 @@ # *real* cases (just mangled to anonymize them...) # Sample 1 - note the absence of PRI! windowsserver MSWinEventLog 1 Security 1167 Fri Mar 19 15:33:30 2010 540 Security SYSTEM User Success Audit WINDOWSSERVER Logon/Logoff Successful Network Logon: User Name: WINDOWSSERVER$ Domain: DOMX Logon ID: (0x0,0xF88396) Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Workstation Name: Logon GUID: {79b6eb79-7bcc-8a2e-7dad-953c51dc00fd} Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.11.11.3 Source Port: 3306 733\n -13,user,notice,localhost,windowsserver,windowsserver MSWinEventLog 1 Security 1167 Fri, Mar 19 15:33:30 2010 540 Security SYSTEM User Success Audit WINDOWSSERVER Logon/Logoff Successful Network Logon: User Name: WINDOWSSERVER$ Domain: DOMX Logon ID: (0x0,0xF88396) Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Workstation Name: Logon GUID: {79b6eb79-7bcc-8a2e-7dad-953c51dc00fd} Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.11.11.3 Source Port: 3306 733 +13,user,notice,localhost.localdomain,windowsserver,windowsserver MSWinEventLog 1 Security 1167 Fri, Mar 19 15:33:30 2010 540 Security SYSTEM User Success Audit WINDOWSSERVER Logon/Logoff Successful Network Logon: User Name: WINDOWSSERVER$ Domain: DOMX Logon ID: (0x0,0xF88396) Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Workstation Name: Logon GUID: {79b6eb79-7bcc-8a2e-7dad-953c51dc00fd} Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.11.11.3 Source Port: 3306 733 # Sample 2 # the samples below need to be disabled for the "workaround patch" for the message # parser to work. They need to be re-enabled once a final solution has been crafted |