Hi, is that possible to using multiple pattern grok parser ini 1 pattern file? i’m trying to parsing authlog file in /var/log/secure into metron. the problem is there are different structures of logs inside /var/log/secure. any suggest for this pls?
Best Regards,
