marcredhat-siem-toolkit-pat…/parsers/f5_networks_logs-latest

{
  attributes: {
    class_uid: "5002",
    category_uid: "4",
    severity_id: "0",
    class_name: "F5 Web Traffic",
    category_name: "F5 HTTP Access Logs",
    "metadata.product.name": "F5 BIG-IP",
    "metadata.product.vendor_name": "F5 Networks",
    "dataSource.category": "network",
    "dataSource.name": "F5 BIG-IP",
    "dataSource.vendor": "F5"
  },
  patterns: {
    timestamp: "\\d{4}/\\d{2}/\\d{2}\\s+\\d{2}:\\d{2}:\\d{2}",
    ipv4: "(?:\\d{1,3}\\.){3}\\d{1,3}",
    quote: "\"[^\"]*\"",
    number: "\\d+"
  },
  formats: [
    {
      format: ".*$_=identifier$=$_$(?:\\,|\\r)",
      repeat: true
    }
  ]
}