Hi Hari,
Good idea, but does Logstash handle intertwined logs, as per ...
[21/Apr/2009:11:39:51 -0700] conn=11 fd=608 slot=608 connection from
207.1.153.51 to 192.18.122.139
[21/Apr/2009:11:39:51 -0700] conn=11 op=0 BIND dn="cn=Directory Manager"
method=128 version=3
[21/Apr/2009:11:39:51 -0700] c
If MMR - perhaps via log consolidation - e.g. ELK stack (grok filter)?
Similar to https://discuss.elastic.co/t/how-filter-openldap-logs/2492.
From: 389-users-boun...@lists.fedoraproject.org
[389-users-boun...@lists.fedoraproject.org] on behalf of Burn Alt
Has anyone authored code to parse a 389 Directory Server's access.log
file(s) with an aim of generating audit events based around the LDAP
request type? Basically, take the log sequence
[21/Apr/2007:11:39:51 -0700] conn=11 fd=608 slot=608 connection from
207.1.153.51 to 192.18.122.139
[21/
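
An added example, not part of the original thread and not code from the 389 Directory Server project: one way to correlate intertwined access.log lines by conn/op and emit one audit event per LDAP request. The sample lines are constructed in the layout quoted above (one entry per line, as on disk); the RESULT lines and the `audit_events` name are assumptions of this sketch.

```python
import re

# Constructed sample: two connections interleaved, in the access.log layout quoted in the thread.
SAMPLE = """\
[21/Apr/2009:11:39:51 -0700] conn=11 fd=608 slot=608 connection from 207.1.153.51 to 192.18.122.139
[21/Apr/2009:11:39:51 -0700] conn=12 fd=609 slot=609 connection from 207.1.153.77 to 192.18.122.139
[21/Apr/2009:11:39:51 -0700] conn=11 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[21/Apr/2009:11:39:52 -0700] conn=12 op=0 BIND dn="uid=alice,ou=people,dc=example,dc=com" method=128 version=3
[21/Apr/2009:11:39:52 -0700] conn=12 op=0 RESULT err=49 tag=97 nentries=0 etime=0
[21/Apr/2009:11:39:52 -0700] conn=11 op=0 RESULT err=0 tag=97 nentries=0 etime=0
"""

LINE = re.compile(r'^\[(?P<ts>[^\]]+)\] conn=(?P<conn>\d+) (?P<rest>.*)$')
CONNECT = re.compile(r'connection from (?P<src>\S+) to (?P<dst>\S+)')
OP = re.compile(r'^op=(?P<op>-?\d+) (?P<verb>[A-Z]+)\b(?P<args>.*)$')
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')   # key=value, value optionally quoted

def audit_events(lines):
    conns = {}     # conn id -> client address, from the "connection from" line
    pending = {}   # (conn, op) -> request event still waiting for its RESULT
    events = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue                      # skip anything not in access.log layout
        conn, rest = m['conn'], m['rest']
        c = CONNECT.search(rest)
        if c:
            conns[conn] = c['src']
            continue
        o = OP.match(rest)
        if not o:
            continue
        fields = {k: v.strip('"') for k, v in KV.findall(o['args'])}
        key = (conn, o['op'])
        if o['verb'] == 'RESULT':
            ev = pending.pop(key, None)   # close the matching request, if seen
            if ev:
                ev['err'] = int(fields.get('err', -1))
                events.append(ev)
        else:
            pending[key] = {'time': m['ts'], 'conn': conn, 'client': conns.get(conn),
                            'request': o['verb'], 'dn': fields.get('dn'), 'err': None}
    events.extend(pending.values())       # requests with no RESULT yet keep err=None
    return events

if __name__ == "__main__":
    for ev in audit_events(SAMPLE.splitlines()):
        print(ev)
```

Connection numbers are per server instance, so when logs from several servers are consolidated the lookup key also needs a host component.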