A simple beacon to watch journald for specific entries
The journald beacon allows for the systemd journal to be parsed and linked objects to be turned into events.
This beacons config will return all sshd jornal entries
beacons:
journald:
- services:
sshd:
SYSLOG_IDENTIFIER: sshd
PRIORITY: 6
Validate the beacon configuration