contrib/logtesting/20/res

   1 **Phase 1: Completed pre-decoding.
   2        full event: 'May 28 10:48:29 niban useradd[32421]: new group: name=logr, gid=12000'
   3        hostname: 'niban'
   4        program_name: 'useradd'
   5        log: 'new group: name=logr, gid=12000'
   6
   7 **Phase 2: Completed decoding.
   8        No decoder matched.
   9
  10 **Phase 3: Completed filtering (rules).
  11        Rule id: '5901'
  12        Level: '8'
  13        Description: 'New group added to the system'
  14 **Alert to be generated.
  15
  16