Tag logstash ssh

logstash filters for ssh attempts

Description

Logstash filters for ssh brute force, sudo auth failures, or failed login attempts

Filters

    grok {
      type => "syslog"
      patterns_dir => ["/opt/logstash/patterns"]
      pattern => [ "%{SYSLOGLINE}" ]
    }
    grep {
      type => "syslog"
      drop => false
      match => […