[syslog-ng] Remove String from Message + syslog

[Laszlo Szemere (lszemere)]

Hello,
 in this case I would recommend the `subst` rewrite rule: https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.25/administration-guide/65#TOPIC-1349542

 Just give an empty string "" as the second parameter, namely: <replacement string>.

 Note: Pay attention to test the regular expression on multiple messages. Maybe some of them use different formatting.

Best regards,
László Szemere

________________________________________
From: syslog-ng <syslog-ng-bounces at lists.balabit.hu> on behalf of William Luiz Ribeiro Vasconcelos Da Silva <wsilva_ericsson at timbrasil.com.br>
Sent: Wednesday, March 25, 2020 13:48
To: Syslog-ng users' and developers' mailing list
Subject: [syslog-ng] RES: Remove String from Message + syslog

CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.


Hello László

My intention is: " A: remove the mentioned part and forward the message without it"

tks

Atenciosamente,

WILLIAM LUIZ R V SILVA
Mediation

Ericsson
Rua Maria Preste Maia, 300
02879-130, Brazil
Phone  +55 11   2760-3785
Mobile +55 11  97979-9886
wsilva_ericsson at timbrasil.com.br
https://nam05.safelinks.protection.outlook.com/?url=www.ericsson.com&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387041963&sdata=98h7fV1khJ35Q7475E8AMhGXsPqpSUjkRhCcbDx48jY%3D&reserved=0



-----Mensagem original-----
De: syslog-ng <syslog-ng-bounces at lists.balabit.hu> Em nome de Laszlo Szemere (lszemere)
Enviada em: quarta-feira, 25 de março de 2020 03:32
Para: syslog-ng at lists.balabit.hu
Assunto: Re: [syslog-ng] Remove String from Message + syslog

Hello,
 maybe it's just me, but I can interpret "remove these" in two ways:
 A: remove the mentioned part and forward the message without it
 B: only keep the mentioned part, and use it

Br,
László Szemere

________________________________________
From: syslog-ng <syslog-ng-bounces at lists.balabit.hu> on behalf of William Luiz Ribeiro Vasconcelos Da Silva <wsilva_ericsson at timbrasil.com.br>
Sent: Tuesday, March 24, 2020 19:26
To: syslog-ng at lists.balabit.hu
Subject: [syslog-ng] Remove String from Message + syslog

CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.

Hello eveyone,

We are receiving two strings in the message in UDP packets: "used / maximum [1/2]" or "used / maximum [2/2]".

How to configure the subst function, to be able to remove these strings?

Atenciosamente,

WILLIAM LUIZ R V SILVA
Mediation

Ericsson
Mobile +55 11  97979-9886
wsilva_ericsson at timbrasil.com.br<mailto:wsilva_ericsson at timbrasil.com.br>
https://nam05.safelinks.protection.outlook.com/?url=www.ericsson.com&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387051867&sdata=XjkrIesi0ntSLyIv7sYzMTA6plWLGQKoXUlFrN1f2vw%3D&reserved=0<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ericsson.com%2F&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387051867&sdata=GKej%2Fj1f5exdeUzYfDk%2BNJSCAT2Di8wpHgugmEX0vjE%3D&reserved=0>

[Descrição: Descrição: Ericsson]<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ericsson.com%2F&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387051867&sdata=GKej%2Fj1f5exdeUzYfDk%2BNJSCAT2Di8wpHgugmEX0vjE%3D&reserved=0>


Esta mensagem, incluindo seus anexos, pode conter informações privilegiadas e/ou de caráter confidencial, não podendo ser retransmitida sem autorização do remetente. Se você não é o destinatário ou pessoa autorizada para recebê-la, informamos que o seu uso, divulgação, cópia ou arquivamento são proibidos. Portanto, se você recebeu esta mensagem por engano, por favor nos informe respondendo imediatamente a este e-mail e delete o seu conteúdo.

This message, including its attachments, may contain privileged or confidential information, and it must not be fowarded without the express authorization of the sender. If you are not the intended recipient, we hereby inform you that the use, disclosure, copy or filing are forbidden. So, if you received this message as a mistake, please inform us by answering this e-mail and deleting its contents

Questo messaggio, inclusi gli allegati, potrebbe contenere informazioni privilegiate e/o riservate, e non deve essere ritrasmesse senza l'autorizzazione del mittente. Se non siete il destinatario o la persona autorizzata a riceverlo, informiamo che il suo utilizzo, diffusione, copia o archiviazione sono proibite. Quindi, se avete ricevuto questo messaggio per errore, per cortesia ci informi rispondendo immediatamente a questa email e cancelli il suo contenuto
______________________________________________________________________________
Member info: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387051867&sdata=5OKrUVNIJ3o7UF5mPGPZAyQUG0VBK1CpFJf8Vzsimi4%3D&reserved=0
Documentation: https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387051867&sdata=oe85zXAOrRo6p%2FDQNWWhLWbfInJrwTfWlf91vxxKNkM%3D&reserved=0
FAQ: https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7CLaszlo.Szemere%40oneidentity.com%7C2b4305be63f6472f916f08d7d0bae1b9%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637207373387051867&sdata=pnpnIDyFqk3u%2FrHou0c7Q5nnJO2UuBonmhFj%2BaT6RgM%3D&reserved=0