[syslog-ng] Filter Not Working (too many or's?)
wiskbroom at hotmail.com
wiskbroom at hotmail.com
Mon Jun 5 22:58:41 UTC 2017
Here is an example of what I am trying to do, these hostnames are not real; the real ones have no common pattern.
filter f_xyz { host("*.abca.*") or host(".*abcb.*") or host(".*abcc.*") or host(".*abcd.*") or host(".*abce.*") or host(".*abcf.*") or host(".*abcg.*") or host(".*abch.*"); };
The filter above is for any host containing a hostname with what is contained within the .* and *.; i.e. hostabca01 will be matched by host("*.abca.*")
When I have this filter in my config, syslog fails to restart.
Eyes hurt, obvious mistake?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170605/af1a83a2/attachment.html>
More information about the syslog-ng
mailing list