[syslog-ng] Convert if/else to nested log paths
Faine, Mark R. (MSFC-IS40)[NICS]
mark.faine at nasa.gov
Tue Mar 26 19:45:05 UTC 2019
What is the conversion of an if/else to embedded log path statements?
I tried to do this today and didn't have any luck so I reverted back to if/else.
I have a log statement with a series of if/else blocks:
log {
source(pan_splunk);
if {
filter { host("^[a-z]+\.foo.*$") or
netmask('192.168.1.100/32') or
netmask('192.168.1.101/32');
};
rewrite {
set("foo" value("location"));
};
} elif {
filter { host("^[a-z]+\.bar.*$") or
netmask('192.168.1.102/32') or
netmask('192.168.1.103/32');
};
} else {
rewrite {
set("unknown" value("location"));
};
}
Can this be written with embedded log statements? The if/else blocks are working for me so this is just an academic exercise but I'd really like to understand how to do it with embedded log paths.
Thanks,
-Mark
More information about the syslog-ng
mailing list