/ #fullwidth #Grok 

Useful Logstash GROK patterns

I’ve not the time right now to write more in the Logstash series, but as a quick interlude, I’d like to link to my ever-expanding Gist containing some useful Logstash GROK patterns for Postfix and Sendmail. Good, comprehensive sets of these are a bit of a slog to find online, so I cobbled together some from posts on the Internets, GitHub Gists and some tweaks of my own to make them work.

Presented as-is and there’s no guarantee they’ll work for you. You may have to tweak them.

I’d recommend getting intimate with grokDebug for when you start writing your own patterns.

Author

Kyrill

Itinerant photographer, firespinner, poly feminist, he/him.