• Home
• org.graylog2
• graylog2-server
• 2.2.0-alpha.1
• source code

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

graylog2-server.2.2.0-alpha.1.source-code.blacklist.drl Maven / Gradle / Ivy

package org.graylog2.rules;

import org.graylog2.plugin.*
import org.graylog2.filters.*
import org.graylog2.filters.blacklist.*

global org.slf4j.Logger log

rule "blacklist any field equality"
    when
        $f : BlacklistFieldEqualityCondition()
        $m : Message (filterOut == false, $f.matchesFieldStringValue(getField($f.fieldName)) == true )
    then
        modify($m){ setFilterOut(true) }
end

rule "blacklist any field pattern"
    when
        $p : BlacklistPatternCondition()
        $m : Message( filterOut == false, $p.matchesPattern(getField($p.fieldName)) == true )
    then
        modify($m) { setFilterOut(true) }
end

rule "blacklist hostname inet mask"
    when
        $i : BlacklistIpMatcherCondition()
        $m : Message( isSourceInetAddress == true, filterOut == false, $i.matchesInetAddress(getInetAddress()))
    then
        modify($m) { setFilterOut(true) }
end