Skip to main content

Regex Data

To get started with this second Pipeline, let's add some sample data.

Paste a Sample of Data

With our last data set, we captured some live data from a datagen Source. This time, we'll leverage Cribl Stream's Paste feature.

important
  1. If the Manage > Procesing > Pipelines page is not already displayed in the left pane, select Processing in Stream's top nav and click Pipelines.
  2. Click Sample Datato refresh the right pane.
  3. Click the right pane's Import Data button. This opens the Import Sample Data modal.
  4. Copy this text to your clipboard, and paste it into the large text box at right: 
    Oct 30 09:46:12 1,2012/10/30 09:46:12,01606001116,TRAFFIC,start,1,2012/04/10 04:39:57,192.168.0.2,204.232.231.46,0.0.0.0,0.0.0.0,rule1,crusher,,web-browsing,vsys1,trust,untrust,ethernet1/2,ethernet1/1,forwardAll,2012/04/10 04:39:58,25112,1,59315,80,0,0,0x200000,tcp,allow,78,78,0,1,2012/04/10 04:39:57,0,any,0,0,0x0,192.168.0.0-192.168.255.255,United States,0,1,0
    Oct 30 09:46:12 1,2012/10/30 09:46:12,01606001116,THREAT,url,1,2012/04/10 04:39:57,192.168.0.2,204.232.231.46,0.0.0.0,0.0.0.0,rule1,crusher,,web-browsing,vsys1,trust,untrust,ethernet1/2,ethernet1/1,forwardAll,2012/04/10 04:39:58,25848,1,59317,80,0,0,0x208000,tcp,alert,"lsiu.info/evo/exploits/x19.php?o=2&t=1241403746&i=1365814122",(9999),not-resolved,informational,client-to-server,0,0x0,192.168.0.0-192.168.255.255,United States,0,text/html
  5. Name the file firewall.log. Stream's UI should now look like this (click to enlarge): Pipelines
  6. Click Save as Sample File.