Hi Attila, Thank you for reply. We are using these type of If-Else condition in patterendb xml and want to know if there is any documentation available to implement other types of conditions as well. <rules> <rule id="xyz-3735951352" class="xyz"> <patterns> <pattern>@ESTRING::"[@@ESTRING:tmp.day:/@@ESTRING:tmp.month:/@@ESTRING:tmp.year::@@PCRE:tmp.time:\d{1,2}:\d{1,2}:\d{1,2}@ @ESTRING:timezone:]@"@ESTRING:tmp.dstport: @</pattern> </patterns> <values> <value name="metaclass">xyz</value> <value name="dstport">$(if ("${tmp.dstport}" != "-") ${tmp.dstport} 0)</value> <value name="requesttime">${tmp.year}-$(if ("${tmp.month}" == "Jan") 01 $(if ("${tmp.month}" == "jan") 01 $(if ("${tmp.month}" == "Feb") 02 $(if ("${tmp.month}" == "feb") 02 $(if ("${tmp.month}" == "Mar") 03 $(if ("${tmp.month}" == "mar") 03 $(if ("${tmp.month}" == "Apr") 04 $(if ("${tmp.month}" == "apr") 04 $(if ("${tmp.month}" == "May") 05 $(if ("${tmp.month}" == "may") 05 $(if ("${tmp.month}" == "Jun") 06 $(if ("${tmp.month}" == "jun") 06 $(if ("${tmp.month}" == "Jul") 07 $(if ("${tmp.month}" == "jul") 07 $(if ("${tmp.month}" == "Aug") 08 $(if ("${tmp.month}" == "aug") 08 $(if ("${tmp.month}" == "Sep") 09 $(if ("${tmp.month}" == "sep") 09 $(if ("${tmp.month}" == "Oct") 10 $(if ("${tmp.month}" == "oct") 10 $(if ("${tmp.month}" == "Nov") 11 $(if ("${tmp.month}" == "nov") 11 $(if ("${tmp.month}" == "Dec") 12 $(if ("${tmp.month}" == "dec") 12 ${tmp.month}))))))))))))))))))))))))-${tmp.day} ${tmp.time}</value> </values> </rule> Thanks, Mukesh Kumar On Mon, Feb 1, 2021 at 2:06 PM Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Mukesh,
You cannot use if-else or for loop in patterndb, you can only set pattern matching rules, to classify the incoming log messages.
The oldest Admin Guide I have found is for 3.5: https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edi... Chapter 13 is about patterndb.
Can you tell us your use case? What do you want to achieve by using if-else and for loop in the patterndb xml?
Cheers, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of mukesh kumar <mkkumar20@gmail.com> *Sent:* Monday, February 1, 2021 6:50 AM *To:* syslog-ng-owner@lists.balabit.hu <syslog-ng-owner@lists.balabit.hu>; syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu> *Subject:* [syslog-ng] Syslog-ng 3.4.5 support question
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi,
We are using syslog-ng 3.4.5 version and we are using it to utilize patterndb. We are not looking for bug fix but using it for just all the different ways we can use the patterndb xml. Please provide me the info on such as the IF and ELSE statements, For loops in the xml file.
Thanks, Mukesh Kumar
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq