[format=syslog]
time-format = "%b %d %H:%M:%S" 
prefix-regex = "^(?P<timestamp>.{15}) (?P<hostname>\S+) (?:(?P<process>\S+?)(?:\[(?P<pid>[0-9]+)\])?: )?"
file = -

[format=apache]
time-format = "%d/%b/%Y:%H:%M:%S"
prefix-regex = "(?P<hostname>\S+) \S+ \S+ \[(?P<timestamp>.{20}) [+-].{4}\] "
file = -

[format=apache-error]
#[Sat Mar 12 22:56:12 2005] [error] [client 127.0.0.1]
time-format = "%a %b %d %H:%M:%S %Y"
prefix-regex = "^\[(?P<timestamp>.{24})\]"
file = -

[format=checkpoint]
time-format = "%d%b%Y %H:%M:%S"
prefix-regex = "^(?P<timestamp>.{20})"
file = -

[format=squid]
#2005/11/28 06:00:44|
time-format = "%Y/%m/%d %H:%M:%S"
prefix-regex = "^(?P<timestamp>.{19})\| "
file = -

[format=honeyd]
#2006-08-18-12:21:12.1239
time-format = "%Y-%m-%d-%H:%M:%S"
prefix-regex = "^(?P<timestamp>.{19})\."
file = -

[format=honeytrap]
#[2007-05-26 16:48:09]
time-format = "%Y-%m-%d %H:%M:%S"
prefix-regex = "^\[(?P<timestamp>.{19})\]"
file = -

[format=kojoney]
#2007/04/12 21:57 CEST
time-format = "%Y/%m/%d %H:%M"
prefix-regex = "^(?P<timestamp>.{16}) "
file = -

[format=rishi]
#2007-05-20 12:49:57,644
time-format = "%Y-%m-%d %H:%M:%S"
prefix-regex = "^(?P<timestamp>.{19}),"
file = -

[Pcre]
ruleset=../plugins/pcre/ruleset/pcre.rules