Graylog_Extractors_pfSense icon indicating copy to clipboard operation
Graylog_Extractors_pfSense copied to clipboard
verified publisher icon Hobadee

UDP regex should be lowercase

Open rcork opened this issue 8 years ago • 1 comments

in my pfSense logs (2.3.3-RELEASE-p1), protocol is always lowercase. Your regex is looking for uppercase UDP so I had to modify to look for lowercase udp.

rcork avatar May 18 '17 23:05 rcork

This seems to be true for IPv4 packets. When looking at IPv6 packets, it is indeed written uppercase. Kind of strange...

waza-ari avatar Aug 26 '17 11:08 waza-ari