This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C1DBAE.3D3EDA2A
Content-Type: text/plain
Im trying to setup a filter as follows:
filter f_terse { facility(local7); and
match("%CALLRECORD-3-MICA_TERSE_CALL_REC"); };
filter f_notterse { facility(local7); and not
match("%CALLRECORD-3-MICA_TERSE_CALL_REC"); };
Now my problem is that this doesnt work and kicks back an error, it seems I
cannot use the match keyword and define other parameters. Is this correct
or do I have the syntax messed up?
My reason for needing this is that terse call records from my my dial
systems take over 10000 calls a day and generate alot of syslog information,
I need a way to filter these to a different logfile from other syslog
events.
Thanks
-- Kevin
------_=_NextPart_001_01C1DBAE.3D3EDA2A
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
Filter Question.
Im trying to setup a filter as follows:
filter f_terse { facility(local7); and =
match("%CALLRECORD-3-MICA_TERSE_CALL_REC"); };
filter f_notterse { facility(local7); and not =
match("%CALLRECORD-3-MICA_TERSE_CALL_REC"); };
Now my problem is that this doesnt work and kicks =
back an error, it seems I cannot use the match keyword and define other =
parameters. Is this correct or do I have the syntax messed =
up?
My reason for needing this is that terse call records =
from my my dial systems take over 10000 calls a day and generate alot =
of syslog information, I need a way to filter these to a different =
logfile from other syslog events.
Thanks
-- Kevin
------_=_NextPart_001_01C1DBAE.3D3EDA2A--