[syslog-ng]Doing a regex substitution in syslog-ng

[Nate Campi]

On Mon, Jun 10, 2002 at 09:20:43PM -0400, Donavan Pantke wrote:
> 	Hey guys, I'm trying to make a syslog-ng solution to recieve logs from some 
> custom java apps that output syslog data, but I have an issue. Our 
> programmers have already defined a format for their messages, and our log 
> parsers expect this format. I can pass the data around syslog systems, but at 
> the destination file, I need to strip off the syslog headers to leave me with 
> the raw message that was came out of the ajva app. I was hoping that I could 
> do something akin to a filter that did a regex substitution to modify the 
> message to make it look pretty. Is this possible, and if not, is there any 
> other way of pulling this off?

If all you want is to lose what syslog added:

destination d_template_test { file("/var/log/java.log" template("$MSG\n")); };

log { source(src); destination(d_template_test); };

I'd imaging this will take care of you. IIRC, you need a devel branch to
use templates.
-- 
"Plonk /excl./: The sound a newbie makes as he falls to the bottom of a
kill file."    - From the Jargon File.