[syslog-ng]Problem in host() filter
Balazs Scheidler
syslog-ng@lists.balabit.hu
Thu, 19 Feb 2004 08:19:51 +0100
2004-02-16, h keltezéssel 11:31-kor Salim Pathan ezt írta:
> hi,
> i'm working on a project based on syslog-ng since last one year...i'm
> using "host()" filter function to separate logs coming from different
> hosts...
> "use_dns()" option is set to "NO",which means the incoming logs will
> be filtered based on IP address in place of hostname....now the
> problem is
> that syslog-ng is unable to separate logs coming from host IP
> "31.2.2.5" and "31.2.2.51".....
> how can i separate logs from hosts having similar IP addresses, as in
> above case?
of course you can. the host macro accepts a regular expression and you
can use '$' as the end of line: e.g.
host("^31\.2\.2\.5$")
note the escaping of dots as otherwise they match _any_ character.
again, this is a regexp.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1