brentroady/logstash-grok-iis

Created August 6, 2014 16:05

Star (1) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/brentroady/254a9fd7c7f4a0b5f836.js"></script>
Save brentroady/254a9fd7c7f4a0b5f836 to your computer and use it in GitHub Desktop.

Download ZIP

Logstash Grok Pattern for a Default IIS 7.5 Log

Raw

logstash-grok-iis

%{TIMESTAMP_ISO8601:timestamp} %{IP:sourceip} %{WORD:method} %{URIPATH:uristem} (?:-|%{NOTSPACE:uriquery}) %{POSINT:port} (?:-|%{NOTSPACE:username}) %{IP:clientip} %{NOTSPACE:useragent} %{NUMBER:status} %{NUMBER:substatus} %{NUMBER:win32status} %{NUMBER:timetaken}

ibowen commented Feb 5, 2016

Thank you very much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment