[syslog-ng]Quoting ( and ) in a match

Allan Wind syslog-ng@lists.balabit.hu
Thu, 18 Dec 2003 01:20:52 -0500


On 2003-12-17T09:45:15+0000, Jim Mozley wrote:
> Afraid I don't understand why you are trying to match in the way you
> are, for instance within the parentheses why not match [-0-9]+ or [-\d]+
> if \d is supported?

I want to ensure that my regex matches the following prefix:

"amavis[29961]: (29961-01-2) Passed, "

as the tail of the event (as originally posted) may contain tainted data.  It
could work out to something like this, or as you suggested.

program("^amavis")
and
(
	match("^[^:]+: [\\(\\)\\d-]+ Passed, ")
	or
	...
)

Does program() contain the [pid] part?  I.e. "amavis[29961]" in this example or
just "amavis"?

/Allan
-- 
Allan Wind
P.O. Box 2022
Woburn, MA 01888-0022
USA
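
Added example, not part of the original message and not syslog-ng code: a check of why the prefix has to be anchored when the tail of the event is tainted. Python's re module stands in for syslog-ng's regex engine (an assumption), the names LOOSE, STRICT, UNANCHORED and check() are hypothetical, and the sample lines are constructed.

```python
import re

# LOOSE is the expression from the message above (one level of escaping,
# since this is a Python raw string rather than a syslog-ng quoted string).
LOOSE = re.compile(r"^[^:]+: [\(\)\d-]+ Passed, ")

# STRICT pins the program tag and uses [-0-9]+ inside literal parentheses,
# as suggested in the quoted reply.
STRICT = re.compile(r"^amavis\[[0-9]+\]: \([-0-9]+\) Passed, ")

# UNANCHORED is the same id/verdict pattern without "^": it can match
# anywhere in the line, including inside the tainted tail.
UNANCHORED = re.compile(r"\([-0-9]+\) Passed, ")

# Constructed sample lines (not real logs).
SAMPLES = {
    # Genuine prefix followed by an arbitrary tail.
    "genuine": "amavis[29961]: (29961-01-2) Passed, <a@example.org> -> <b@example.org>",
    # Different verdict, but the tail carries the text "(…) Passed, ".
    "tainted_tail": "amavis[29961]: (29961-01-3) Blocked, subject=(29961-01-2) Passed, x",
    # An id field that is only punctuation from the character class.
    "odd_id": "amavis[29961]: )-( Passed, <a@example.org>",
}


def check(line):
    """Return which of the three patterns match the given line."""
    return {
        "loose": LOOSE.search(line) is not None,
        "strict": STRICT.search(line) is not None,
        "unanchored": UNANCHORED.search(line) is not None,
    }


if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(name, check(line))
```

The anchored patterns reject the line whose tail merely contains the "Passed" text, while the unanchored one accepts it; the loose character class additionally accepts an id such as ")-(", which the stricter form rejects.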
