mirror of
https://github.com/tstack/lnav
synced 2024-11-03 23:15:38 +00:00
11 lines
255 B
Plaintext
11 lines
255 B
Plaintext
#
|
|
# @synopsis: tag-ssh-msgs
|
|
# @description: Tag interesting SSH log messages
|
|
#
|
|
|
|
;UPDATE all_logs
|
|
SET log_tags = json_concat(log_tags, '#ssh.invalid-user')
|
|
WHERE log_text LIKE '%Invalid user from%'
|
|
|
|
;SELECT 'Tagged ' || changes() || ' messages';
|