OLD | NEW |
1 {"event_0": {"__container_type__": "event", "__type__": "AttributeContainer", "b
ody": "INFO No change in [/etc/netgroup]. Done", "data_type": "syslog:line", "di
splay_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/s
yslog", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser":
"syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/
syslog", "type_indicator": "OS"}, "pid": 30840, "reporter": "client", "severity"
: {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba
631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1327218753000000, "timest
amp_desc": "Content Modification Time"} | 1 {"event_0": {"__container_type__": "event", "__type__": "AttributeContainer", "b
ody": "INFO No change in [/etc/netgroup]. Done", "data_type": "syslog:line", "di
splay_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/s
yslog", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser":
"syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/
syslog", "type_indicator": "OS"}, "pid": 30840, "reporter": "client", "severity"
: {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba
631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1327218753000000, "timest
amp_desc": "Content Modification Time"} |
2 , "event_1": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "INFO No new content in \u00edmynd.dd.", "data_type": "syslog:line", "dis
play_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/sy
slog", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "
syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/s
yslog", "type_indicator": "OS"}, "pid": 30840, "reporter": "client", "severity":
{"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba6
31148740e312598878adcd2b74098a3dab50c4", "timestamp": 1327218753000000, "timesta
mp_desc": "Content Modification Time"} | 2 , "event_1": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "INFO No new content in \u00edmynd.dd.", "data_type": "syslog:line", "dis
play_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/sy
slog", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "
syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/s
yslog", "type_indicator": "OS"}, "pid": 30840, "reporter": "client", "severity":
{"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba6
31148740e312598878adcd2b74098a3dab50c4", "timestamp": 1327218753000000, "timesta
mp_desc": "Content Modification Time"} |
3 , "event_2": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "(root) CMD (touch /var/run/crond.somecheck)", "command": "touch /var/run
/crond.somecheck", "data_type": "syslog:cron:task_run", "display_name": "OS:/tmp
/test/test_data/syslog", "filename": "/tmp/test/test_data/syslog", "hostname": "
myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "syslog", "pathspec":
{"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indica
tor": "OS"}, "pid": 31051, "reporter": "CRON", "severity": {"__type__": "bytes",
"stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd
2b74098a3dab50c4", "timestamp": 1327218781000000, "timestamp_desc": "Content Mod
ification Time", "username": "root"} | 3 , "event_2": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "(root) CMD (touch /var/run/crond.somecheck)", "command": "touch /var/run
/crond.somecheck", "data_type": "syslog:cron:task_run", "display_name": "OS:/tmp
/test/test_data/syslog", "filename": "/tmp/test/test_data/syslog", "hostname": "
myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "syslog", "pathspec":
{"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indica
tor": "OS"}, "pid": 31051, "reporter": "CRON", "severity": {"__type__": "bytes",
"stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd
2b74098a3dab50c4", "timestamp": 1327218781000000, "timestamp_desc": "Content Mod
ification Time", "username": "root"} |
4 , "event_3": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "(root) CMD (/sbin/status.mycheck))", "command": "/sbin/status.mycheck)",
"data_type": "syslog:cron:task_run", "display_name": "OS:/tmp/test/test_data/sy
slog", "filename": "/tmp/test/test_data/syslog", "hostname": "myhostname.myhost.
com", "inode": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__": "Pat
hSpec", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "pid"
: 31067, "reporter": "CRON", "severity": {"__type__": "bytes", "stream": ""}, "s
ha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4",
"timestamp": 1327218841000000, "timestamp_desc": "Content Modification Time", "
username": "root"} | 4 , "event_3": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "(root) CMD (/sbin/status.mycheck))", "command": "/sbin/status.mycheck)",
"data_type": "syslog:cron:task_run", "display_name": "OS:/tmp/test/test_data/sy
slog", "filename": "/tmp/test/test_data/syslog", "hostname": "myhostname.myhost.
com", "inode": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__": "Pat
hSpec", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "pid"
: 31067, "reporter": "CRON", "severity": {"__type__": "bytes", "stream": ""}, "s
ha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4",
"timestamp": 1327218841000000, "timestamp_desc": "Content Modification Time", "
username": "root"} |
5 , "event_4": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "(root) CMD (touch /var/run/crond.somecheck)", "command": "touch /var/run
/crond.somecheck", "data_type": "syslog:cron:task_run", "display_name": "OS:/tmp
/test/test_data/syslog", "filename": "/tmp/test/test_data/syslog", "hostname": "
myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "syslog", "pathspec":
{"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indica
tor": "OS"}, "pid": 31068, "reporter": "CRON", "severity": {"__type__": "bytes",
"stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd
2b74098a3dab50c4", "timestamp": 1327218841000000, "timestamp_desc": "Content Mod
ification Time", "username": "root"} | 5 , "event_4": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "(root) CMD (touch /var/run/crond.somecheck)", "command": "touch /var/run
/crond.somecheck", "data_type": "syslog:cron:task_run", "display_name": "OS:/tmp
/test/test_data/syslog", "filename": "/tmp/test/test_data/syslog", "hostname": "
myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "syslog", "pathspec":
{"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indica
tor": "OS"}, "pid": 31068, "reporter": "CRON", "severity": {"__type__": "bytes",
"stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd
2b74098a3dab50c4", "timestamp": 1327218841000000, "timestamp_desc": "Content Mod
ification Time", "username": "root"} |
6 , "event_5": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "`cron.daily' terminated", "data_type": "syslog:line", "display_name": "O
S:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/syslog", "hostna
me": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "syslog", "path
spec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_
indicator": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "reporter": "Job"
, "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad
2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1327218872000
000, "timestamp_desc": "Content Modification Time"} | 6 , "event_5": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "`cron.daily' terminated", "data_type": "syslog:line", "display_name": "O
S:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/syslog", "hostna
me": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "syslog", "path
spec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_
indicator": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "reporter": "Job"
, "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad
2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1327218872000
000, "timestamp_desc": "Content Modification Time"} |
7 , "event_6": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "testing leap year in parsing, events take place in 2012 ---", "data_type
": "syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "filename": "
/tmp/test/test_data/syslog", "hostname": ":", "inode": 0, "offset": 0, "parser":
"syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data
/syslog", "type_indicator": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "
reporter": "---", "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash"
: "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp
": 1330478143000000, "timestamp_desc": "Content Modification Time"} | 7 , "event_6": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "testing leap year in parsing, events take place in 2012 ---", "data_type
": "syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "filename": "
/tmp/test/test_data/syslog", "hostname": ":", "inode": 0, "offset": 0, "parser":
"syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data
/syslog", "type_indicator": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "
reporter": "---", "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash"
: "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp
": 1330478143000000, "timestamp_desc": "Content Modification Time"} |
8 , "event_7": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "No true exit can exist (124 job run)", "data_type": "syslog:line", "disp
lay_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/sys
log", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "s
yslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/sy
slog", "type_indicator": "OS"}, "pid": 1234, "reporter": "anacron", "severity":
{"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba63
1148740e312598878adcd2b74098a3dab50c4", "tag": {"__container_type__": "event_tag
", "__type__": "AttributeContainer", "comment": "Tag applied by tagging analysis
plugin.Tag applied by tagging analysis plugin.", "event_entry_index": 7, "event
_stream_number": 2, "labels": [{"__type__": "bytes", "stream": "exit"}]}, "times
tamp": 1355853272000000, "timestamp_desc": "Content Modification Time"} | 8 , "event_7": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "No true exit can exist (124 job run)", "data_type": "syslog:line", "disp
lay_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/sys
log", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser": "s
yslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/sy
slog", "type_indicator": "OS"}, "pid": 1234, "reporter": "anacron", "severity":
{"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba63
1148740e312598878adcd2b74098a3dab50c4", "tag": {"__container_type__": "event_tag
", "__type__": "AttributeContainer", "comment": "Tag applied by tagging analysis
plugin.Tag applied by tagging analysis plugin.", "labels": [{"__type__": "bytes
", "stream": "exit"}]}, "timestamp": 1355853272000000, "timestamp_desc": "Conten
t Modification Time"} |
9 , "event_8": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "This syslog message has a fractional value for seconds.", "data_type": "
syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp
/test/test_data/syslog", "hostname": "myhostname.myhost.com", "inode": 0, "offse
t": 0, "parser": "syslog", "pathspec": {"__type__": "PathSpec", "location": "/tm
p/test/test_data/syslog", "type_indicator": "OS"}, "pid": 19, "reporter": "somra
ndomexe", "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f010
5612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 13640
79678000000, "timestamp_desc": "Content Modification Time"} | 9 , "event_8": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "This syslog message has a fractional value for seconds.", "data_type": "
syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp
/test/test_data/syslog", "hostname": "myhostname.myhost.com", "inode": 0, "offse
t": 0, "parser": "syslog", "pathspec": {"__type__": "PathSpec", "location": "/tm
p/test/test_data/syslog", "type_indicator": "OS"}, "pid": 19, "reporter": "somra
ndomexe", "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f010
5612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 13640
79678000000, "timestamp_desc": "Content Modification Time"} |
10 , "event_9": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "This syslog message is brought to you by me (and not the other guy)", "d
ata_type": "syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "file
name": "/tmp/test/test_data/syslog", "hostname": "myhostname.myhost.com", "inode
": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__": "PathSpec", "loc
ation": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "pid": 1915, "rep
orter": "somrandomexe", "severity": {"__type__": "bytes", "stream": ""}, "sha256
_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "tim
estamp": 1364079678000000, "timestamp_desc": "Content Modification Time"} | 10 , "event_9": {"__container_type__": "event", "__type__": "AttributeContainer", "
body": "This syslog message is brought to you by me (and not the other guy)", "d
ata_type": "syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "file
name": "/tmp/test/test_data/syslog", "hostname": "myhostname.myhost.com", "inode
": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__": "PathSpec", "loc
ation": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "pid": 1915, "rep
orter": "somrandomexe", "severity": {"__type__": "bytes", "stream": ""}, "sha256
_hash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "tim
estamp": 1364079678000000, "timestamp_desc": "Content Modification Time"} |
11 , "event_10": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "This is a multi-line message that screws up\n\tmany syslog parsers.", "
data_type": "syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "fil
ename": "/tmp/test/test_data/syslog", "hostname": "myhostname.myhost.com", "inod
e": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__": "PathSpec", "lo
cation": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "pid": 10100, "r
eporter": "aprocess", "severity": {"__type__": "bytes", "stream": ""}, "sha256_h
ash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "times
tamp": 1384737320000000, "timestamp_desc": "Content Modification Time"} | 11 , "event_10": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "This is a multi-line message that screws up\n\tmany syslog parsers.", "
data_type": "syslog:line", "display_name": "OS:/tmp/test/test_data/syslog", "fil
ename": "/tmp/test/test_data/syslog", "hostname": "myhostname.myhost.com", "inod
e": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__": "PathSpec", "lo
cation": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "pid": 10100, "r
eporter": "aprocess", "severity": {"__type__": "bytes", "stream": ""}, "sha256_h
ash": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "times
tamp": 1384737320000000, "timestamp_desc": "Content Modification Time"} |
12 , "event_11": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "Another one just like this (124 job run)", "data_type": "syslog:line",
"display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_dat
a/syslog", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser
": "syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_da
ta/syslog", "type_indicator": "OS"}, "pid": 1234, "reporter": "/sbin/anacron", "
severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d2
25d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1388512472000000
, "timestamp_desc": "Content Modification Time"} | 12 , "event_11": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "Another one just like this (124 job run)", "data_type": "syslog:line",
"display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_dat
a/syslog", "hostname": "myhostname.myhost.com", "inode": 0, "offset": 0, "parser
": "syslog", "pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_da
ta/syslog", "type_indicator": "OS"}, "pid": 1234, "reporter": "/sbin/anacron", "
severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d2
25d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1388512472000000
, "timestamp_desc": "Content Modification Time"} |
13 , "event_12": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "Test message with single character day", "data_type": "syslog:line", "d
isplay_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/
syslog", "hostname": "victoria", "inode": 0, "offset": 0, "parser": "syslog", "p
athspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "ty
pe_indicator": "OS"}, "pid": 2085, "reporter": "process", "severity": {"__type__
": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e31
2598878adcd2b74098a3dab50c4", "timestamp": 1391699790000000, "timestamp_desc": "
Content Modification Time"} | 13 , "event_12": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "Test message with single character day", "data_type": "syslog:line", "d
isplay_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/
syslog", "hostname": "victoria", "inode": 0, "offset": 0, "parser": "syslog", "p
athspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "ty
pe_indicator": "OS"}, "pid": 2085, "reporter": "process", "severity": {"__type__
": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631148740e31
2598878adcd2b74098a3dab50c4", "timestamp": 1391699790000000, "timestamp_desc": "
Content Modification Time"} |
14 , "event_13": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "last message repeated 5 times ---", "data_type": "syslog:line", "displa
y_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/syslo
g", "hostname": ":", "inode": 0, "offset": 0, "parser": "syslog", "pathspec": {"
__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indicator
": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "reporter": "---", "severi
ty": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd
9ba631148740e312598878adcd2b74098a3dab50c4", "tag": {"__container_type__": "even
t_tag", "__type__": "AttributeContainer", "comment": "Tag applied by tagging ana
lysis plugin.Tag applied by tagging analysis plugin.", "event_entry_index": 13,
"event_stream_number": 2, "labels": [{"__type__": "bytes", "stream": "repeated"}
]}, "timestamp": 1416273343000000, "timestamp_desc": "Content Modification Time"
} | 14 , "event_13": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "last message repeated 5 times ---", "data_type": "syslog:line", "displa
y_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_data/syslo
g", "hostname": ":", "inode": 0, "offset": 0, "parser": "syslog", "pathspec": {"
__type__": "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indicator
": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "reporter": "---", "severi
ty": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd
9ba631148740e312598878adcd2b74098a3dab50c4", "tag": {"__container_type__": "even
t_tag", "__type__": "AttributeContainer", "comment": "Tag applied by tagging ana
lysis plugin.Tag applied by tagging analysis plugin.", "labels": [{"__type__": "
bytes", "stream": "repeated"}]}, "timestamp": 1416273343000000, "timestamp_desc"
: "Content Modification Time"} |
15 , "event_14": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "[997.390602] sda2: rw=0, want=65, limit=2", "data_type": "syslog:line",
"display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_da
ta/syslog", "inode": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__"
: "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"},
"pid": {"__type__": "bytes", "stream": ""}, "reporter": "kernel", "severity": {
"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631
148740e312598878adcd2b74098a3dab50c4", "timestamp": 1416299420000000, "timestamp
_desc": "Content Modification Time"} | 15 , "event_14": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "[997.390602] sda2: rw=0, want=65, limit=2", "data_type": "syslog:line",
"display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_da
ta/syslog", "inode": 0, "offset": 0, "parser": "syslog", "pathspec": {"__type__"
: "PathSpec", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"},
"pid": {"__type__": "bytes", "stream": ""}, "reporter": "kernel", "severity": {
"__type__": "bytes", "stream": ""}, "sha256_hash": "1f0105612f6ad2d225d6bd9ba631
148740e312598878adcd2b74098a3dab50c4", "timestamp": 1416299420000000, "timestamp
_desc": "Content Modification Time"} |
16 , "event_15": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "[998.390602] sda2: rw=0, want=66, limit=2", "data_type": "syslog:line",
"display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_da
ta/syslog", "hostname": "victoria", "inode": 0, "offset": 0, "parser": "syslog",
"pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog",
"type_indicator": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "reporter":
"kernel", "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f01
05612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1416
299480000000, "timestamp_desc": "Content Modification Time"} | 16 , "event_15": {"__container_type__": "event", "__type__": "AttributeContainer",
"body": "[998.390602] sda2: rw=0, want=66, limit=2", "data_type": "syslog:line",
"display_name": "OS:/tmp/test/test_data/syslog", "filename": "/tmp/test/test_da
ta/syslog", "hostname": "victoria", "inode": 0, "offset": 0, "parser": "syslog",
"pathspec": {"__type__": "PathSpec", "location": "/tmp/test/test_data/syslog",
"type_indicator": "OS"}, "pid": {"__type__": "bytes", "stream": ""}, "reporter":
"kernel", "severity": {"__type__": "bytes", "stream": ""}, "sha256_hash": "1f01
05612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timestamp": 1416
299480000000, "timestamp_desc": "Content Modification Time"} |
17 , "event_16": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238787000000, "timestamp_desc": "atime"} | 17 , "event_16": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238787000000, "timestamp_desc": "atime"} |
18 , "event_17": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238787000000, "timestamp_desc": "ctime"} | 18 , "event_17": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238787000000, "timestamp_desc": "ctime"} |
19 , "event_18": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238787000000, "timestamp_desc": "mtime"} | 19 , "event_18": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238787000000, "timestamp_desc": "mtime"} |
20 , "event_19": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238788000000, "timestamp_desc": "atime"} | 20 , "event_19": {"__container_type__": "event", "__type__": "AttributeContainer",
"data_type": "fs:stat", "display_name": "OS:/tmp/test/test_data/syslog", "file_e
ntry_type": 3, "file_size": {"__type__": "tuple", "values": [1509]}, "file_syste
m_type": "OS", "filename": "/tmp/test/test_data/syslog", "inode": 0, "is_allocat
ed": true, "offset": 0, "parser": "filestat", "pathspec": {"__type__": "PathSpec
", "location": "/tmp/test/test_data/syslog", "type_indicator": "OS"}, "sha256_ha
sh": "1f0105612f6ad2d225d6bd9ba631148740e312598878adcd2b74098a3dab50c4", "timest
amp": 1491238788000000, "timestamp_desc": "atime"} |
21 } | 21 } |
OLD | NEW |