Hello,

I am doing the following intercept stuff, and everything seems to be working fine. What I want to do is, in the subject line I want to parse the hostname. Could you guys help me with this.

Thanks,

-john

destination mail-alert { program("/usr/local/bin/syslog-mail.sh"); };

 

filter f_config_alert {

                        (

                          (

                            host("host1") or

                            host("host2") or

                            host("host3") or

                            host("host4")

                           ) and

                          match("Configured from console")

                        );

                       };

 

# Send alert when some Genius configure something

log {

        source(s_net);

        source(s_system);

        filter(f_config_alert);

        destination(mail-alert);

};

 

 

[root@central-logger ~]# more /usr/local/bin/syslog-mail.sh

#!/bin/sh

RECIPIENTS"john@abc.com"

 

while read line; do

        echo $line | /bin/mail -s "Config Change notification for $1" $RECIPIENTS

done