Hi,
 
I am looking for help in re-writing syslog message. Planning to use certain regular expressions and rewrite syslog message for integrating with a NMS.
 
Ex: When a syslog message
local7.err: 44: *Feb 28 19:01:08: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
comes to syslog-ng. It should be able to grep for FastEthernet0/1 and rewrite as
local7.err: 44: *Feb 28 19:01:08: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up Component=FastEthernet0/1
and forward to NMS.
 
Can we use match filter function as part of template definition? Any reference with examples would be helpful.
 
Thanks in advance for your help.
 
Thanks,
Ravi Kumar P.