Filebeat Cisco IOS problem

Hi,

We are having trouble with Cisco IOS logs. We enabled the Cisco IOS module, but it has a parsing error:

2020-11-11T01:03:27.650Z	DEBUG	[processors]	processing/processors.go:112	Fail to apply processor client{add_locale=[format=offset], add_fields={"ecs":{"version":"1.5.0"}}, script=[type=javascript, id=, sources=/usr/share/filebeat/module/cisco/ios/config/pipeline.js]}: failed in processor.javascript: failed in process function: GoError: could not find delimiter: `: ` in remaining: `Logging to host 10.2.0.227 port 8514 started - CLI initiated`, (offset: 55)
2020-11-11T01:03:27.650Z	DEBUG	[processors]	processing/processors.go:187	Publish event: {
  "@timestamp": "2020-11-11T01:03:27.650Z",
  "@metadata": {
    "beat": "filebeat",
    "type": "_doc",
    "version": "7.9.3",
    "pipeline": "filebeat-7.9.3-cisco-ios-pipeline"
  },
  "message": "Nov  9 10:10:43.147 UTC: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 10.2.0.227 port 8514 started - CLI initiated",
  "tags": [
    "cisco-ios",
    "forwarded",
    "_js_exception"
  ],
  "service": {
    "type": "cisco"
  },
  "event": {
    "dataset": "cisco.ios",
    "module": "cisco",
    "timezone": "+00:00"
  },
  "ecs": {
    "version": "1.5.0"
  },
  "agent": {
    "version": "7.9.3",
    "hostname": "VOCOLLECTOR02",
    "ephemeral_id": "c6dc236a-e49d-471e-ab9b-13b077fecc2f",
    "id": "b6a685dc-0467-40a1-8e02-048da478c5f3",
    "name": "VOCOLLECTOR02",
    "type": "filebeat"
  },
  "log": {
    "original": "Nov  9 10:10:43.147 UTC: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 10.2.0.227 port 8514 started - CLI initiated",
    "flags": [
      "dissect_parsing_error"
    ],
    "offset": 1558,
    "file": {
      "path": "/home/cisco.log"
    }
  },
  "input": {
    "type": "log"
  },
  "error": {
    "message": "GoError: could not find delimiter: `: ` in remaining: `Logging to host 10.2.0.227 port 8514 started - CLI initiated`, (offset: 55)"
  },
  "cloud": {
    "instance": {
      "id": "15c6f9c9-7b79-4409-9fb9-dacd98f18850",
      "name": "VOCOLLECTOR02"
    },
    "machine": {
      "type": "Standard_D2ds_v4"
    },
    "region": "westeurope",
    "provider": "azure"
  },
  "fileset": {
    "name": "ios"
  }
}

Hi,
The Cisco IOS module only supports ACL logs, as you can see here.
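To see which IOS message types the module is failing on, the failed events can be grouped by their `%FACILITY-SEVERITY-MNEMONIC` code. This is an added example, not part of the thread and not Filebeat's own code; it relies on the `tags`, `log.flags` and `log.original` fields visible in the published event above, and the sample events are constructed (the first reuses the message from the post).

```javascript
// IOS line layout assumed here: [seq: ][*|.]timestamp: %FACILITY-SEVERITY-MNEMONIC: text
const HEADER = /^(?:\d+: )?[*.]?(.+?): %([A-Z0-9_]+)-(\d)-([A-Z0-9_]+): (.*)$/;

// Split one raw IOS syslog line into its header fields; null if it does not match.
function parseIosHeader(line) {
  const m = HEADER.exec(line);
  if (!m) return null;
  return { timestamp: m[1], facility: m[2], severity: Number(m[3]), mnemonic: m[4], text: m[5] };
}

// An event counts as a parse failure if it carries either marker seen in the post.
function isParseFailure(event) {
  const tags = event.tags || [];
  const flags = (event.log && event.log.flags) || [];
  return tags.includes("_js_exception") || flags.includes("dissect_parsing_error");
}

// Tally failed events by message code so unparsed message types are visible at a glance.
function summarizeFailures(events) {
  const counts = {};
  for (const ev of events) {
    if (!isParseFailure(ev)) continue;
    const raw = (ev.log && ev.log.original) || ev.message || "";
    const h = parseIosHeader(raw);
    const key = h ? `${h.facility}-${h.severity}-${h.mnemonic}` : "UNRECOGNIZED_HEADER";
    counts[key] = (counts[key] || 0) + 1;
  }
  return counts;
}

// Constructed sample events (trimmed to the fields this script reads).
const SAMPLE_EVENTS = [
  { tags: ["cisco-ios", "forwarded", "_js_exception"],
    log: { flags: ["dissect_parsing_error"],
           original: "Nov  9 10:10:43.147 UTC: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 10.2.0.227 port 8514 started - CLI initiated" } },
  { tags: ["cisco-ios", "forwarded"],  // ACL log that parsed cleanly: no failure markers
    log: { original: "Nov  9 10:11:02.001 UTC: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.10(1024) -> 198.51.100.5(22), 1 packet" } },
  { tags: ["cisco-ios", "_js_exception"],
    log: { flags: ["dissect_parsing_error"],
           original: "000042: *Mar  1 00:00:10.123: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up" } },
  { tags: ["cisco-ios", "_js_exception"],
    log: { flags: ["dissect_parsing_error"], original: "not an IOS syslog line" } },
];

console.log(summarizeFailures(SAMPLE_EVENTS));
```

Events counted here still carry the raw line in `log.original`, but none of the fields the module would have extracted, so searches and detections keyed on parsed fields will not see them.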
