
Unable to see the logs and doesn't trigger #15

Description

@mmihir82

Hello, thank you for this pack. I have gone through, configured and built it using default values, generated an ST2 key and added it. Below is the example:

+----------+--------------------------------------------------------------+
| Property | Value                                                        |
+----------+--------------------------------------------------------------+
| id       | 5ee144fea84e178f8725b6c4                                     |
| pack     | ghost2logger                                                 |
| values   | {                                                            |
|          |     "ghost_ip": "0.0.0.0",                                   |
|          |     "ghost_port": "12023",                                   |
|          |     "password": "********",                                  |
|          |     "sensor_listen_ip": "0.0.0.0",                           |
|          |     "sensor_listen_port": "12022",                           |
|          |     "st2_api_key": "<< generated keys >>",                    |
|          |     "st2url": "http://127.0.0.1:9101/v1/rules/?limit=10&pack |
|          | =ghost2logger",                                              |
|          |     "syslog_listen_port": "514",                             |
|          |     "username": "admin",                                     |
|          |     "web_hook_auth_header_key": "Authorization",             |
|          |     "web_hook_auth_header_val": "Basic YWRtaW46YWRtaW4="     |
|          | }                                                            |
+----------+--------------------------------------------------------------+

SENSOR LIST

+------------------------------+--------------+------------------------------+---------+
| ref                          | pack         | description                  | enabled |
+------------------------------+--------------+------------------------------+---------+
| linux.FileWatchSensor        | linux        | Sensor which monitors files  | True    |
|                              |              | for new lines                |         |
| ghost2logger.Ghost2loggerLoo | ghost2logger | Sensor that carries out      | True    |
| pback                        |              | loopback API activities      |         |
| ghost2logger.Ghost2loggerSen | ghost2logger | Sensor for Ghost2 Logger     | True    |
| sor                          |              |                              |         |
+------------------------------+--------------+------------------------------+---------+

here is the Rule:

| context       |                                                              |
| criteria      | {                                                            |
|               |     "trigger.host": {                                        |
|               |         "pattern": "192.168.1.1",                              |
|               |         "type": "eq"                                         |
|               |     },                                                       |
|               |     "trigger.pattern": {                                     |
|               |         "pattern": "SYS-5-CONFIG_STARTUP",                   |
|               |         "type": "eq"                                         |
|               |     }                                                        |
|               | }                                                            |

How to check the logs, and how do I know if this rule is correct?
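One way to answer the second question offline is to replay the rule criteria against sample trigger payloads. The following is an added example, not code from the ghost2logger pack or from StackStorm itself: it is a simplified reimplementation of how StackStorm evaluates rule criteria (every criterion must match, `eq` is exact equality, `matchregex` anchors a regex at the start of the value), using the criteria from the rule above. The payload field names `host` and `pattern` are taken from the criteria keys `trigger.host` and `trigger.pattern`; the three payloads are constructed for illustration and do not claim to show what the sensor actually emits.

```python
import re

# Rule criteria exactly as shown in the issue (StackStorm rule format).
RULE_CRITERIA = {
    "trigger.host": {"pattern": "192.168.1.1", "type": "eq"},
    "trigger.pattern": {"pattern": "SYS-5-CONFIG_STARTUP", "type": "eq"},
}


def lookup(payload, key):
    """Resolve a dotted criteria key such as 'trigger.host' against a trigger payload.

    StackStorm criteria keys start with 'trigger.' and then walk the payload;
    a missing path yields None, so that criterion simply fails to match.
    """
    parts = key.split(".")
    if parts[0] != "trigger":
        return None
    node = payload
    for part in parts[1:]:
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def criterion_matches(value, criterion):
    """Evaluate one criterion. Only 'eq'/'equals' and 'matchregex' are modelled here."""
    ctype = criterion.get("type", "eq")
    pattern = criterion.get("pattern")
    if ctype in ("eq", "equals"):
        # Exact comparison: a longer log line containing the pattern does NOT match.
        return value == pattern
    if ctype == "matchregex":
        if not isinstance(value, str):
            return False
        return re.compile(pattern, re.DOTALL).match(value) is not None
    raise ValueError(f"criteria type not modelled in this example: {ctype}")


def rule_matches(payload, criteria=RULE_CRITERIA):
    """A rule fires only when every criterion matches (criteria are ANDed)."""
    return all(criterion_matches(lookup(payload, key), c) for key, c in criteria.items())


def explain(payload, criteria=RULE_CRITERIA):
    """Per-criterion results, so a rule that does not fire can be diagnosed."""
    return {key: criterion_matches(lookup(payload, key), c) for key, c in criteria.items()}


# Constructed sample payloads (assumed shape: flat dict with 'host' and 'pattern').
EXACT = {"host": "192.168.1.1", "pattern": "SYS-5-CONFIG_STARTUP"}
FULL_LINE = {"host": "192.168.1.1", "pattern": "%SYS-5-CONFIG_STARTUP: Startup config saved"}
OTHER_HOST = {"host": "192.168.1.2", "pattern": "SYS-5-CONFIG_STARTUP"}

# Same rule with a regex criterion, which also accepts the full log line.
REGEX_CRITERIA = {
    "trigger.host": {"pattern": "192.168.1.1", "type": "eq"},
    "trigger.pattern": {"pattern": ".*SYS-5-CONFIG_STARTUP", "type": "matchregex"},
}

if __name__ == "__main__":
    for name, p in [("exact", EXACT), ("full line", FULL_LINE), ("other host", OTHER_HOST)]:
        print(f"{name:11s} eq-rule={rule_matches(p)!s:5s} regex-rule={rule_matches(p, REGEX_CRITERIA)!s:5s} {explain(p)}")
```

The practical check is to compare these payloads with what the sensor really produced: `st2 trigger-instance list` shows the trigger instances and their payloads, and `st2 rule-enforcement list` shows which rules were evaluated against them. If the recorded `pattern` field holds the whole syslog line rather than the bare `SYS-5-CONFIG_STARTUP` token, the `eq` criterion will never match, which is exactly the `FULL_LINE` case above.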
