Hey Balazs, i still have this problem, even with 1.9 i can catch the message in a better way but im not able to split the message up, do you have some parsers even external ones for syslog-ng ? im prety sure some users wrote one. Cheers and thenks for your help On Sat, 01 Jul 2006 17:40:47 +0200 Balazs Scheidler <bazsi@balabit.hu> wrote:
On Thu, 2006-06-29 at 14:48 +0200, Hubert Lang wrote:
Hello,
i have a few questions about the message parser, basically i want to parse/split up the MESSAGE field itself and write the splitted up message in a mysql database, i cant find any documents about how this can be done, do i need an external parser (perl or whatever) or can this be done within syslog-ng.conf?
right now i just can write the whole message to the mysqldb
In 1.9.x you can match patterns in the message and then reference the matches in templates via $N (where N is the sequence number of the match), similar to what perl has.
-- Bazsi
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
-- Die e-Mail-Boxes von Brennercom sind Virus-gesichert und Spam-gefiltert. Le caselle e-Mail di Brennercom sono protette da sistemi antivirus e antispam. http://www.brennercom.it