3 Oct
2017
3 Oct
'17
9:10 p.m.
I am trying to filter messages matching text stored in a txt file (plain txt , exact match , one word each line). but its not working filter f_userlist { in-list("/etc/syslog-ng/userlist.list", value("MESSAGE")); }; ---> NOT WORKING however it works with value(“PROGRAM”) filter f_whitelist { in-list("/etc/syslog-ng/programlist.list", value("PROGRAM")); }; --->WORKING List ( userlist.list ) is not long and has less than 10 words to match. anything missing ? or in-list filter doenot work with message contents . any troubleshooting tips will e helpful.