[syslog-ng] How to use regex in syslog-ng.conf

Fabien Wernli wernli at in2p3.fr
Fri Mar 1 11:50:50 UTC 2019

On Fri, Mar 01, 2019 at 11:34:00AM +0100, Péter, Kókai wrote:
> Hello,
> Based on your example one possible solution could be: match("cmd=username
> [a-z]+ privilege 15" value("MESSAGE"));
> You could also check out the syslog-ng administrator guide, it covers a lot
> of possibilities:
> https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.20/administration-guide/63#TOPIC-1122022

also, prefer single quotes over double quotes: will make escaping easier

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2801 bytes
Desc: not available
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190301/21433a6a/attachment.bin>

More information about the syslog-ng mailing list