diff --git a/docs/parsers/syslog.md b/docs/parsers/syslog.md index e03d791f..9ce7f353 100644 --- a/docs/parsers/syslog.md +++ b/docs/parsers/syslog.md @@ -40,7 +40,7 @@ Blank values converted to `null`/`None` "structured_data": [ { "identity": string, - "values": { + "parameters": { "": string } } @@ -67,7 +67,7 @@ Examples: "structured_data": [ { "identity": "exampleSDID@32473", - "values": { + "parameters": { "iut": "3", "eventSource": "Application", "eventID": "1011" @@ -75,7 +75,7 @@ Examples: }, { "identity": "examplePriority@32473", - "values": { + "parameters": { "class": "high" } } diff --git a/jc/parsers/syslog.py b/jc/parsers/syslog.py index 4335cae7..938ce37d 100644 --- a/jc/parsers/syslog.py +++ b/jc/parsers/syslog.py @@ -35,7 +35,7 @@ Blank values converted to `null`/`None` "structured_data": [ { "identity": string, - "values": { + "parameters": { "": string } } @@ -62,7 +62,7 @@ Examples: "structured_data": [ { "identity": "exampleSDID@32473", - "values": { + "parameters": { "iut": "3", "eventSource": "Application", "eventID": "1011" @@ -70,7 +70,7 @@ Examples: }, { "identity": "examplePriority@32473", - "values": { + "parameters": { "class": "high" } } @@ -206,7 +206,7 @@ def _process(proc_data: List[Dict]) -> List[Dict]: for val_obj in _extract_kv(a_struct): my_values.update(val_obj) - struct_obj.update({'values': my_values}) # type: ignore + struct_obj.update({'parameters': my_values}) # type: ignore structs_list.append(struct_obj) item['structured_data'] = structs_list