That one captures the entire match as one name value pair. But I guess @NUMBER@ parser would be useful. On Jan 26, 2017 08:24, "Fabien Wernli" <wernli@in2p3.fr> wrote:
Hi Clayton,
On Wed, Jan 25, 2017 at 10:29:08PM +0000, Clayton Dukes wrote:
Are there any tools/scripts anyone has written that will convert regex to patterndb types of matches? So, given some rewrite rule from the "old" way of doing it, convert that rule to a pdb file.
I'm afraid the two are too semantically different to automatize the process. That being said, there is a `@PCRE@` pattern that might help, but as far as I can remeber it won't capture groups.
Cheers
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq