[syslog-ng] match text within message
Roberto Nibali
ratz at tac.ch
Mon Oct 3 17:43:49 CEST 2005
> Thanks Roberto,
> I am trying to do exactly what you presumed.
Ok.
>>So you write:
>>
>>match PIX and not A and not B
>>
>>> Any suggestions?
>>
>>filter f_pix {
>> match("PIX") and match("987.65.4.[34]");
>>};
>
>
> So, in order to exclude ip address 987.65.4.3 and ip address 987.65.4.4
> would the sytax be as follows?
Well, I'm a bit unsure about your use of the term "ip address", since
the noted dotted decimals are not valid ip addresses.
> filter f_pix {
> match("PIX") and not match("987.65.4.[34]");
> };
I would say so.
> Thanks again!!!
Tell us if it works and if not, we're more than happy to help you out
further. Don't forget to cc the list since other people might want to
know this as well and could potentially help you out better then I can.
Best regards,
Roberto Nibali, ratz
--
-------------------------------------------------------------
addr://Kasinostrasse 30, CH-5001 Aarau tel://++41 62 823 9355
http://www.terreactive.com fax://++41 62 823 9356
-------------------------------------------------------------
terreActive AG Wir sichern Ihren Erfolg
-------------------------------------------------------------
More information about the syslog-ng
mailing list