Hi,

I am trying to capture some custom information using a simple shell script. I am trying below but getting an error. Below is my parser, it works fine without the line that has custom_script_output. How do I get this to work?

parser p_cr_syslog {
# Convert the LEVEL field to uppercase.
map-value-pairs(pair("jcnr.header.logLevel", "$(uppercase $LEVEL)"));
map-value-pairs(pair("jc.header.custom_script_output", "$(script("/path/to/script.sh"))"));
syslog-parser(flags(syslog-protocol) template("${MESSAGE}"));
map-value-pairs(
pair("jc.header.nodeName", "$HOST")
pair("jc.header.eventDateTime", "$R_ISODATE")
pair("jc.header.notificationType", "$MSGID")
pair("jc.body", "$MSG")
pair("jc.header.program", "$PROGRAM")
);

# Log the output of the script.
action {
file {
path "/var/log/syslog";
message "$jc.header.custom_script_output";
}
}
}

Thanks in advance.

Regards,

Faisal