[syslog-ng] filter based on IP - catching other IPs?
Henning Markussen
hm at mib.dk
Mon Nov 7 19:59:53 CET 2005
> have you tried putting a "\b" at the end to set the boundary?
>
> host("192.168.10.2\b")
>
> just a thought.
>
> chris
>
>
> On 11/7/05, crayola at optonline.net <crayola at optonline.net> wrote:
>> I am running syslog-ng 1.6.8 as a central log host. everything is
>> working great.. except for my filters.
>>
>> I want to filter all messages from 192.168.10.1 and 192.168.10.2 into
>> other
>> locations.
>>
>> Unfortunatly I seem to be catching other IP addresses in the filter
>> below. Examples: 192.168.10.151, 192.168.10.197, 192.168.10.22
>>
>> Is there anything I can do to make this filter more specific without
>> resorting to
>> regex.
>>
>> filter fw_only { (
>> host("192.168.10.1") or
>> host("192.168.10.2")
>> ); };
>>
>> Thanks,
>> Mike
>>
>> _______________________________________________
>> syslog-ng maillist - syslog-ng at lists.balabit.hu
>> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>>
>>
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
Hi
Just use
host("192.168.10.1$") or host("192.168.10.2$")
- Henning
More information about the syslog-ng
mailing list