fix issue with sshd_disconnect_status

nxhack / logstash

Configurations of my logstash: logstash, filebeat, grok patterns: sshd, postfix, apache, sysdig, zimbra mailbox.log, zimbra zimbra.log, Datadog Dogstatsd, fail2ban

91 stars 33 forks source link

fix issue with sshd_disconnect_status #4

Closed Condla closed 5 years ago

Condla commented 5 years ago

I had a problem parsing a message of opening an sshd session, that I could fix by homogenizing the SSHD_DISCONNECT statement.

nxhack commented 5 years ago

@Condla Thank you. Looks good. Merged.