[syslog-ng] Rewriting CEF messages

carlopmart carlopmart at gmail.com
Sat May 19 00:08:29 CEST 2012

Previous message: [syslog-ng] Introducing myself and GSoC syslog-ng MongoDB driver project
Next message: [syslog-ng] ...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

  I am trying to rewrite CEF messages that arrives to a syslog-ng 
instance. I am using the following rewrite rule:

rewrite r_cef_logs { set("mydevice_logs", value("PROGRAM") 
condition(message("Device"))); };

Test message is:

CEF:0|Device|Firewall|0|....

  What am I doing wrong??

-- 
CL Martinez
carlopmart {at} gmail {d0t} com

Previous message: [syslog-ng] Introducing myself and GSoC syslog-ng MongoDB driver project
Next message: [syslog-ng] ...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the syslog-ng mailing list