Skip to content

Commit

Permalink
Updated the regex with some more constraints
Browse files Browse the repository at this point in the history
  • Loading branch information
@cwadhwani-splunk
cwadhwani-splunk committed Nov 21, 2024
1 parent 90f973f commit f703863
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion package/etc/conf.d/conflib/raw/app-raw-bsd_nopri.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ block parser app-raw-bsd_nopri() {
};
application app-raw-bsd_nopri[sc4s-raw-syslog] {
filter {
message('^\w\w\w [ \d]\d \d\d:\d\d:\d\d ');
message('^\w{3} ([0 ][1-9]|[12]\d|3[01]) (0\d|1\d|2[0-3]):([0-5]\d):([0-5]\d) ');
};
parser { app-raw-bsd_nopri(); };
};
2 changes: 1 addition & 1 deletion package/lite/etc/conf.d/conflib/raw/app-raw-bsd_nopri.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ block parser app-raw-bsd_nopri() {
};
application app-raw-bsd_nopri[sc4s-raw-syslog] {
filter {
message('^\w\w\w [ \d]\d \d\d:\d\d:\d\d ');
message('^\w{3} ([0 ][1-9]|[12]\d|3[01]) (0\d|1\d|2[0-3]):([0-5]\d):([0-5]\d) ');
};
parser { app-raw-bsd_nopri(); };
};

0 comments on commit f703863

Please sign in to comment.