[syslog-ng] Optional Parser Type Match
Michael Starks
syslog-ng-list at michaelstarks.com
Mon Jul 7 15:22:48 CEST 2014
On 2014-07-06 12:10, Balazs Scheidler wrote:
> In general, db-parser() uses a quite low-level representation, so you
> need to use multiple rules to match
> these messages.
>
> I was already thinking about creating a bit high(er) level tool, that
> could generate some of the rules (instead of working with the xml
> directly), but never got around to do that.
Thanks, Balazs. This could reduce the number of rules needed by order of
magnitude when it's unknown what may be in a particular field.
More information about the syslog-ng
mailing list