Hello,
This is on a Debian system with syslog-ng 1.6.5-2.2.
Is there any way to filter on the log timestamp? For example, suppose I
have a (machine|program) that reboots once a day at 0400, and I don't
want to log those events. I'd like to be able to set up a filter something
like this ...
filter match_dailyreboot {
not (match("04:0[0-1]:[0-9][0-9]")
and program("foo")
and (match("Starting a brand new workday")
or match("*many annoying daily restart message*")
)
);
};
But as I understand the rules, match() only matches on the message.
Is there any way in the 1.6.* series to filter on time and other bits?
-dean takemori