[syslog-ng] regular expressions ...
Balazs Scheidler
bazsi@balabit.hu
Tue, 31 Aug 1999 13:29:36 +0200
On Tue, Aug 31, 1999 at 12:32:44PM +0200, Josef Bergmann wrote:
> Hi Balazs!
>
> Thanks for the really fast answer :-)
>
> On 31 Aug 99, at 11:36, Balazs Scheidler wrote:
>
> > great. in the meanwhile I've released 1.1.32 and libol 0.2.5, you may want to
> > grab those as well.
>
> Yes I've checked this in the meantime and build also new debs for Debian 2.1
> ... thanks.
>
> > > Now I want enable the "hashing-feature" and filter against a file with regex-
> > > terms but I found now proper info in the docs. How can configure this
> > > features? (I don't found "genh0" and "checkhash" as mentioned in the
> > > syslog-ng manpage).
> [...]
> > hashing is not about a file with regexps in it. It is a digital fingerprint of
> > each log message stored along with the logfile. This way unauthorized
> > modification can easily be detected. However this feature is not yet
> > implemented in the 1.1.xx branch only in 1.0.x.
>
> Sorry for my inaccurate question. Yes I meant hashing in that way, because of
> the fingerprints nobody should be able to modificate the logs. So I can find
> this in the 1.0.x branch, ok thanks.
>
> And regardless of the hashing-feature I want also regex the logs against
> specific patterns. Do the 1.0.x branch know regexps?
In addition what 1.1.x supports, 1.0.x has a filter called matchfile, which
reads regexps from a file, currently in 1.1.x you need to inline such
regexps to the config file.
--
Bazsi