[syslog-ng] syslog-ng anon patch
Elijah
elijah at riseup.net
Tue May 31 20:28:29 CEST 2005
Valdis.Kletnieks at vt.edu said:
> On Mon, 30 May 2005 19:12:51 CDT, micah milano said:
>
>> The attached patch comes from http://dev.riseup.net/patches/syslog-ng
>> what it does is provide a simple filter to strip out unwanted regular
>> expressions from logs, as well as an IP alias that enables you to
>> strip out IP addresses from your logs.
>
> Interesting. Does it apply the regexp to *the entire message* (a quick
> read of the code indicates so)?
yes. perhaps it should not?
> Also, I see in make_filter_replace:
>
> if (strcasecmp(re,"ips") == 0) {
> re = "...([\\.\\-](25
>
> Was the \\- intended?
Many ISPs set the reverse dns to include the ip address in the form
69-90-134-155-myisp.com, so I thought it would be useful to remove those
as well.
> Any plans to expand that RE to cover IPv6 addresses? ;)
Yes. Alas, IPv6 is complicated. I had a pcre which worked, but had some
difficulty converting it to regexp. Eventually, I plan to do so. Any
suggestions for what the regexp should be?
-elijah
More information about the syslog-ng
mailing list