[syslog-ng]syslog-ng and regex

Hamilton, Andrew syslog-ng@lists.balabit.hu
Mon, 24 Feb 2003 15:01:55 -0500


Yes, it should.

Regards,

Drew

-----Original Message-----
From: Micha Holzmann [mailto:holzmann@mhnet.de]
Sent: Monday, February 24, 2003 2:49 PM
To: syslog-ng@lists.balabit.hu
Subject: Re: [syslog-ng]syslog-ng and regex


Hello Andrew,

Hamilton, Andrew wrote:
> To match a program name you use the program function in the filter.
> 
> filter f_antivir { program("antivir"); };

The corresponding syslog messages are:

>---  cut here  ----
Feb 24 14:00:02 kaliba antivir[1718]: AntiVir is up-to-date
Feb 24 15:00:11 kaliba antivir[2451]: AntiVir is up-to-date
Feb 24 16:00:02 kaliba antivir[2662]: AntiVir is up-to-date
Feb 24 17:02:49 kaliba antivir[2979]: reloaded AntiVir mail scanner successfully
Feb 24 17:02:49 kaliba antivir[2979]: AntiVir successfully updated itself (antivir.vdf)
>---  cut here  ----

Will the filter statement "filter f_antivir { program("antivir"); };" catch
syslog messages like those above?

Best regards,
Micha Holzmann

-- 
UNIX is user friendly, it's just picky about who its friends are