[syslog-ng]syslog-ng and regex

Micha Holzmann syslog-ng@lists.balabit.hu
Mon, 24 Feb 2003 20:48:31 +0100


Hello Andrew,

Hamilton, Andrew wrote:
> To match a program name you use the program function in the filter.
>
> filter f_antivir { program("antivir"); };

The corresponding syslog messages are:

>---  cut here  ----
Feb 24 14:00:02 kaliba antivir[1718]: AntiVir is up-to-date
Feb 24 15:00:11 kaliba antivir[2451]: AntiVir is up-to-date
Feb 24 16:00:02 kaliba antivir[2662]: AntiVir is up-to-date
Feb 24 17:02:49 kaliba antivir[2979]: reloaded AntiVir mail scanner successfully
Feb 24 17:02:49 kaliba antivir[2979]: AntiVir successfully updated itself (antivir.vdf)
>---  cut here  ----

Does the filter statement "filter f_antivir { program("antivir"); };" catch
syslog messages like those above?

Best regards,
Micha Holzmann

-- 
UNIX is user friendly, it's just picky about who its friends are
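
An added example, not part of the original message and not syslog-ng code: a Python model of a program-name filter run over the log lines quoted above. It assumes program() applies its argument as an unanchored regular expression to the program field that precedes `[pid]:`; the `sshd` and `antivir-helper` lines are constructed for contrast.

```python
import re

# Three lines from the post plus two constructed lines (sshd, antivir-helper)
# that show what a program-name match does and does not select.
SAMPLE = """\
Feb 24 14:00:02 kaliba antivir[1718]: AntiVir is up-to-date
Feb 24 17:02:49 kaliba antivir[2979]: reloaded AntiVir mail scanner successfully
Feb 24 17:02:49 kaliba antivir[2979]: AntiVir successfully updated itself (antivir.vdf)
Feb 24 17:03:10 kaliba sshd[3011]: AntiVir appears only in the message text
Feb 24 17:04:00 kaliba antivir-helper[3020]: constructed second program
"""

# BSD syslog layout: timestamp, host, program, optional [pid], ':' and message.
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<program>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<msg>.*)$"
)


def parse(line):
    """Split one syslog line into its fields, or return None if malformed."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def program_filter(pattern):
    """Model of program("pattern"): regex search on the program field only."""
    rx = re.compile(pattern)

    def matches(line):
        rec = parse(line)
        return rec is not None and rx.search(rec["program"]) is not None

    return matches


def selected(pattern, text=SAMPLE):
    """Return (program, pid) for every line the modelled filter keeps."""
    keep = program_filter(pattern)
    return [(r["program"], r["pid"])
            for r in map(parse, text.splitlines()) if r and keep(r["program"] + ": x") is False and keep_line(keep, r)]


def keep_line(keep, rec):
    """Rebuild a minimal line from parsed fields and apply the filter to it."""
    return keep(f"{rec['ts']} {rec['host']} {rec['program']}[{rec['pid']}]: {rec['msg']}")
```

Under that assumption the unanchored pattern also keeps `antivir-helper`, while the anchored form `^antivir$` keeps only the program named exactly `antivir`; text in the message body never affects the match.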
