[syslog-ng] syslog-ng 4.2.0 changed the interpretation of regexp
Evan Rempel
erempel at uvic.ca
Wed Sep 6 20:56:43 UTC 2023
Prior to syslog-ng 4.2.0 I was able to use a filter specified as
match("ABC\|DEF" value("MESSAGE"))
to match the exact string ABC|DEF in the MESSAGE
After upgrading to 4.2.0 this will match either ABC or DEF in the MESSAGE
To match an exact string of ABC|DEF I now need to escape both the
backslash and the pipe
match("ABC\\\|DEF" value("MESSAGE"))
I can't find anything in the release notes.
Of course I can easily solve this with single quotes, but more complex
examples would not be so straight forward.
Can someone confirm that this was intentional, or if this is a bug.
--
Evan
More information about the syslog-ng
mailing list