[syslog-ng] Converting filtering from 2.1 to 3.0?
Matthew Hall
mhall at mhcomputing.net
Mon Sep 27 19:05:53 CEST 2010
Hi Bazsi,
On Mon, Sep 27, 2010 at 03:07:31PM +0200, Balazs Scheidler wrote:
> Mathew, where did you see the erroneous example? I couldn't find any?
Sorry for the confusion. Let me try to say it differently from before.
I was not saying the example must be erroneous, just that what Alan said
and what the example did conflicted with each other. If Alan is right
that you must have special markers on the variables passed to match,
then this example from the HTML is wrong:
filter demo_filter { host("example") and match("deny" value("MESSAGE")); };
Because it does not put $ or ${} which Alan believed necessary for it to
work. Alternatively, Alan made a mistake thinking these chars were
mandatory. I think both the doc and Alan can't be right at the same
time.
So I was trying to get confirmation from Balabit about it.
> Bazsi
Matthew.
More information about the syslog-ng
mailing list