The host filter applies to the $HOST field. Just use the netmask filter with 32 as mask.
I am trying to remove a specific set of hosts from a network range using
filters.
for example, I have the following:
filter f_home_subnet {
(
netmask("192.168.0.0/24")
);
};
I now want to exclude some specific hosts, let's say 192.168.0.10 and
192.168.0.20.
My attempts of adding "not host" to the above doesn't seem to work.
Any pointers / suggestions would be greatly appreciated.
Thanks,
Ian
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq