[syslog-ng] Replace hostname with a hostname extracted from the message
Clayton Dukes
cdukes at gmail.com
Tue Nov 13 19:19:07 CET 2012
Hi Folks,
How can I extract a hostname from the message and replace the source ip
with that name/ip address?
Sample message:
Nov 13 18:11:00 myhostname mymessage: Original
Host=192.168.6.3:LOW_THRESHOLD_EVENT
- 0 AUTHORIZED sessions
So, I need a rewrite rule(?) to take 192.168.6.3 and replace $HOST with it:
Nov 13 18:11:00 92.168.6.3 mymessage:LOW_THRESHOLD_EVENT - 0
AUTHORIZED sessions
______________________________________________________________
Clayton Dukes
______________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20121113/c0134d82/attachment.htm
More information about the syslog-ng
mailing list