[syslog-ng] Question about regular expressions

Phusion phusion2k at gmail.com
Thu Jan 11 19:14:23 CET 2007

I need some help in my config file using regular expressions. This
filter is for http requests from Apache. I am trying to get this
filter to catch the following two types of messages.

                httpd[....]     and     /websites/abc/test
                logger:         and     test.abc.com

I have tried the following.

filter fd_httpd_test.abc.com { match("httpd[\[0-9]+\]") and
                or match("logger:") and match("test.abc.com"); };

I also tried this.

filter fd_httpd_test.abc.com { match("httpd[\[0-9]+\]*/websites/abc/test")
                or match("logger:*test.abc.com"); };

Let me know. Thanks.


More information about the syslog-ng mailing list