[syslog-ng] issue with rewrite. Please help.
Balla, Hithendra (EXT-Other - IN/Bangalore)
hithendra.balla.ext at nsn.com
Fri Jun 15 13:23:54 CEST 2012
Can somebody help here on this issue?
_____________________________________________
From: Balla, Hithendra (EXT-Other - IN/Bangalore)
Sent: Friday, June 15, 2012 9:09 AM
To: 'Syslog-ng users' and developers' mailing list'
Subject: issue with rewrite. Please help.
Hi all,
We have the following log
2012-06-15T09:00:26+05:30 kddi-cm-1-sb 4/6 [ID 800047 auth.info]
Accepted publickey for xyz
We wanted to replace [ID 800047 auth.info] with empty string (i.e. "")
and print the following
2012-06-15T09:00:26+05:30 kddi-cm-1-sb 4/6 Accepted publickey for xyz
So we have used the below re-write with subst. But this is not working
in syslog-ng 3.4.0alpha2.
rewrite rw_msg{subst("\\[.*\\]", "", value("MESSAGE"));};
Can somebody help out here?
Thanks
Hithendra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20120615/05d7122c/attachment.htm
More information about the syslog-ng
mailing list