Kibana unable to parse syslog logs

Hmmm

Step by Step

Screenshot 2023-04-27 at 9.00.57 PM1804×982 45.5 KB

File Uploader

Screenshot 2023-04-27 at 9.01.12 PM3112×1762 408 KB

Contents of file

$ cat syslog.log
Oct  9 2019 23:39:37 myrtle sshd[41925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.49.202.135  user=root
Oct  9 2019 23:39:37 myrtle sshd[41925]: Failed password for root from 221.49.202.135 port 1930 ssh2
Oct  9 2019 23:39:38 myrtle sshd[41927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.49.202.135  user=root
Oct  9 2019 23:39:38 myrtle sshd[41927]: Failed password for root from 221.49.202.135 port 55212 ssh2
Oct 10 2019 04:28:55 myrtle sshd[41931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.150.44.62  user=root
Oct 10 2019 04:28:55 myrtle sshd[41931]: Failed password for root from 108.150.44.62 port 17735 ssh2
Oct 10 2019 04:28:56 myrtle sshd[41936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.150.44.62  user=root
Oct 10 2019 04:28:56 myrtle sshd[41936]: Failed password for root from 108.150.44.62 port 54304 ssh2
Oct 10 2019 04:28:57 myrtle sshd[41939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.150.44.62  user=root
Oct 10 2019 04:28:57 myrtle sshd[41939]: Failed password for root from 108.150.44.62 port 33925 ssh2
Oct 10 2019 04:28:58 myrtle sshd[41941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.150.44.62  user=root

Load the File: No Special Settings

Screenshot 2023-04-27 at 9.02.18 PM1920×1203 148 KB

Screenshot 2023-04-27 at 9.03.06 PM1544×1368 184 KB

Nothing Touched

Screenshot 2023-04-27 at 9.03.17 PM3150×1676 386 KB

Click On Discover

Screenshot 2023-04-27 at 9.04.00 PM1920×1086 142 KB

If I use the filebeat system module with syslog input it does not parse your file... it does parse my syslog on my Mac.