diff --git a/misc/log-analytics/README.md b/misc/log-analytics/README.md index 7842da798a4f8bd4a869afe429f7510e40a65905..6c4aadf675220451366615d31a3278da007280b5 100644 --- a/misc/log-analytics/README.md +++ b/misc/log-analytics/README.md @@ -249,5 +249,19 @@ exec python /path/to/misc/log-analytics/import_logs.py \ --log-format-name=nginx_json - ``` +# regex example for syslog format (centralized logs) + +## log format exemple + +``` +Aug 31 23:59:59 tt-srv-name www.tt.com: 1.1.1.1 - - [31/Aug/2014:23:59:59 +0200] "GET /index.php HTTP/1.0" 200 3838 "http://www.tt.com/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0" 365020 www.tt.com +``` + +## Corresponding regex + +``` +--log-format-regex='.* ((?P<ip>\S+) \S+ \S+ \[(?P<date>.*?) (?P<timezone>.*?)\] "\S+ (?P<path>.*?) \S+" (?P<status>\S+) (?P<length>\S+) "(?P<referrer>.*?)" "(?P<user_agent>.*?)").*' +``` + And that's all !
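Review bot: the leading `.* ` in the new `--log-format-regex` is greedy and unanchored, so on any line that does not have the expected shape the engine backtracks across the whole line before giving up, which matters for a centralized syslog feed where many lines are not access-log entries; consuming the syslog prefix explicitly (for example `^\S+ +\d+ \S+ \S+ \S+: `) and anchoring with `^` keeps matching cheap and rejects foreign lines quickly. Two smaller points in the same hunk: the heading `## log format exemple` misspells "example", and the new section opens with a top-level `# regex example for syslog format (centralized logs)` heading while being appended after the `nginx_json` example, so check that its level matches the surrounding sections. Finally, the hunk shows the closing fence of the preceding block as a removed line (`- ````) without an added replacement, so please confirm the `nginx_json` code block is still closed in the resulting README, otherwise the new headings will be swallowed into that block.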