[syslog-ng] Convert if/else to nested log paths
Péter, Kókai
peter.kokai at oneidentity.com
Wed Mar 27 08:02:44 UTC 2019
Hello,
I want to emphasise that the *if* is a superior solution.
Here is a gist just for your academic exercise:
https://gist.github.com/Kokan/6f1cec10d1053e9b67123c22342947de
--
Kokan
On Tue, Mar 26, 2019 at 8:45 PM Faine, Mark R. (MSFC-IS40)[NICS] <
mark.faine at nasa.gov> wrote:
> What is the conversion of an if/else to embedded log path statements?
>
> I tried to do this today and didn't have any luck so I reverted back to
> if/else.
>
> I have a log statement with a series of if/else blocks:
>
> log {
> source(pan_splunk);
> if {
> filter { host("^[a-z]+\.foo.*$") or
> netmask('192.168.1.100/32') or
> netmask('192.168.1.101/32');
> };
> rewrite {
> set("foo" value("location"));
> };
> } elif {
> filter { host("^[a-z]+\.bar.*$") or
> netmask('192.168.1.102/32') or
> netmask('192.168.1.103/32');
> };
> } else {
> rewrite {
> set("unknown" value("location"));
> };
> }
>
> Can this be written with embedded log statements? The if/else blocks are
> working for me so this is just an academic exercise but I'd really like to
> understand how to do it with embedded log paths.
>
> Thanks,
> -Mark
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190327/c5ea6ab3/attachment.html>
More information about the syslog-ng
mailing list