-
Notifications
You must be signed in to change notification settings - Fork 1
/
PaloAltoNetworksADEM.sublime-syntax
54 lines (38 loc) · 1.14 KB
/
PaloAltoNetworksADEM.sublime-syntax
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
%YAML 1.2
---
# Version: 0.01
# Author: Nolan Rumble
# Last modified: 2022/04/01
# See http://www.sublimetext.com/docs/3/syntax.html
name: Palo Alto Networks ADEM
file_extensions:
- log
scope: palo_alto_networks_dem_agent.log|palo_alto_networks_dem_agent.1.log
variables:
date: '\d{4}-\d{2}-\d{2}'
time: '\d{2}\:\d{2}\:\d{2}.\d{3}'
log_level: '\bdebug\b|\berror\b|\binfo\b|\bwarn\b'
json_regex: '\{.*\:\{.*\:.*\}\}'
contexts:
# The prototype context is prepended to all contexts but those setting
# meta_include_prototype: false.
#prototype:
#- include: comments
adem:
- match: '\[({{date}})\s({{time}})\]\s\[(default)\]'
captures:
1: keyword.control.example-c
2: keyword.control.example-c
3: punctuation.definition.string
- match: '\s\[info\]\s'
scope: keyword.control.example-c
- match: '\s\[warning\]\s.*'
scope: entity.name.constant
- match: '\s\[error\]\s.*'
scope: constant.language.null
- match: '\{'
scope: punctuation.section.mapping.begin.json
embed: scope:source.json
escape: '\}$'
main:
- include: adem