<html><body>
<p><tt>Bazsi</tt> -<br>
<br>
Thank you for taking the time to look at my situation.<br>
<br>
<tt>> Also, I can see that you tried to escape the dot, right after "10", but<br>
> you only used a single escape, which escapes for syslog-ng, but doesn't<br>
> embed a backslash for the regexp parser.</tt><br>
<br>
<tt>"10\.\d+\.\d*[0-4]\." (kiwi) -> "10\.\\d+\.\\d*[0-4]\." (syslog-ng)</tt><br>
<br>
<tt>I am escaping a literal "." in the IP address (I want to match on "10." specifically.)</tt><br>
<tt><br>
<br>
> This reminds me to an unrelated note, that if you use single quotes in<br>
> syslog-ng, you don't need to escape the backslash, e.g.<br>
<br>
> match("\\.") is equivalent to match('\.')</tt><br>
<br>
<tt>This is great to know! Sure cleans up some of my filters. Thanks!<br>
</tt><br>
<tt>> Another unrelated note is that syslog-ng supports PCRE regular<br>
> expressions if you have that compiled in, PCRE supports \d, and you can<br>
> use it like this:<br>
<br>
> match('10\.\d+' type(pcre));</tt><br>
<br>
<tt>Unfortunately, this didn't work either, so PCRE must not be compiled in on my system. However, THIS works!</tt><br>
<br>
<tt>'10\.[[:digit:]]+\.[[:digit:]]*[0-4]\.'</tt><br>
<br>
<tt>Thanks again!<br>
</tt><br>
Phil<br>
</body></html>
<pre><span style="font-size:78%;"><span style="font-family:arial;"><strong>Notice:</strong> This e-mail message and its attachments are the property of Wendy's/Arby's Group Inc. </span>
<span style="font-family:arial;">or one of its subsidiaries and may contain confidential or legally privileged information intended</span>
<span style="font-family:arial;">solely for the use of the addressee(s). If you are not an intended recipient, then any use, copying or</span>
<span style="font-family:arial;">distribution of this message or its attachments is strictly prohibited. If you received this message in</span>
<span style="font-family:arial;">error, please notify the sender and delete this message entirely from your system.</span></span>