[syslog-ng] weird filter problem
Evan Rempel
erempel at uvic.ca
Sat May 11 04:26:35 CEST 2013
Try this filter
filter f_unknown {
tags(".classifier.unknown");
};
Evan Rempel 250.271.7691
University Systems, University of Victoria
Russell Fulton <r.fulton at auckland.ac.nz> wrote:
Currently on 3.2.4.
I am using patterndb to classify my incoming logs and want to send those that match pattern rules do a particular destination.
filter f_unknown { "${.classifier.class}" ne 'unknown' ; };
but this appears to always fail (if I change ne to eq then I get everything).
I have also tried using match with the same result.
Russell
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
More information about the syslog-ng
mailing list