Skip to content

Commit

Permalink
Merge pull request #68 from jfrog/PTRENG-5967
Browse files Browse the repository at this point in the history
Fix artifactory access log regex to match input
  • Loading branch information
benharosh authored Apr 11, 2024
2 parents 6d5d681 + 39b7a42 commit 7967d92
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

All changes to the log analytics integration will be documented in this file.

## [1.0.2] - April 11th, 2024

* Fix Artifactory access's regex to match log input changes

## [1.0.1] - March 22nd, 2024

* Updated docker images to use fluetnd:1.16.3 to resolve existing CVEs. Please see [security section](https://github.com/jfrog/log-analytics-splunk/security) for more info
Expand Down
2 changes: 1 addition & 1 deletion fluent.conf.rt
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,7 @@
tag jfrog.rt.artifactory.access
<parse>
@type regexp
expression /^(?<log_timestamp>[^ ]*) \[(?<trace_id>[^\]]*)\] \[(?<action_response>[^\]]*)\] (?<repo_path>.*) for client : (?<username>.+)\/(?<ip>\s*\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\.(?<message>.+)?$/
expression /^(?<log_timestamp>[^\s]*) \[(?<trace_id>[^\s\]]*)\s*\] \[(?<action_response>[^\]\r\n]*)\] (?<repo_path>[^\s]*)? *for client : *(?<username>[^\s]*) *\/ *(?<ip>[^\s]*)? ?(\[(?<token>[^\s]*)\])?$/
time_key log_timestamp
time_format %Y-%m-%dT%H:%M:%S.%LZ
</parse>
Expand Down

0 comments on commit 7967d92

Please sign in to comment.