Skip to content

sei: incorrect exclude_files syntax in numerous packages #8634

Closed
#8635
Closed
sei: incorrect exclude_files syntax in numerous packages#8634
#8635
Assignees
efd6
Labels
bugSomething isn't working, use only for issues
@efd6

Description

@efd6
efd6
opened on Dec 4, 2023

logfile inputs allow exclusion of files by pattern (Go RE2). In many cases the configuration for this option incorrectly uses a literal dot, exclude_files: [".gz$"] instead of an escaped dot, exclude_files: ['\.gz$'].

  • atlassian_bitbucket
  • atlassian_confluence
  • atlassian_jira
  • auditd
  • auditd_manager
  • aws
  • azure_blob_storage
  • azure_frontdoor
  • barracuda
  • barracuda_cloudgen_firewall
  • bluecoat
  • carbonblack_edr
  • cef
  • checkpoint
  • cisco_aironet
  • cisco_asa
  • cisco_ftd
  • cisco_ios
  • cisco_ise
  • cisco_meraki
  • cisco_nexus
  • cisco_secure_email_gateway
  • citrix_waf
  • crowdstrike
  • cyberarkpas
  • cylance
  • f5
  • f5_bigip
  • fireeye
  • forcepoint_web
  • fortinet_forticlient
  • fortinet_fortiedr
  • fortinet_fortigate
  • fortinet_fortimail
  • fortinet_fortimanager
  • hashicorp_vault
  • hid_bravura_monitor
  • imperva
  • infoblox_nios
  • iptables
  • mattermost
  • microsoft_defender_endpoint
  • microsoft_dhcp
  • microsoft_exchange_online_message_trace
  • modsecurity
  • mysql_enterprise
  • netscout
  • osquery
  • panw
  • panw_cortex_xdr
  • radware
  • santa
  • snort
  • sonicwall_firewall
  • sophos
  • sophos_central
  • squid
  • suricata
  • symantec_endpoint
  • sysmon_linux
  • thycotic_ss
  • ti_recordedfuture
  • trendmicro
  • zeek

Metadata

Metadata

Assignees

Labels

bugSomething isn't working, use only for issues

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions