[syslog-ng] Custom script with map-value-pairs(pair(<script>))
Faisal Chishti
faisalchishtii at gmail.com
Thu Sep 21 13:24:33 UTC 2023
Hi,
I am trying to capture some custom information using a simple shell script.
I am trying below but getting an error. Below is my parser, it works fine
without the line that has custom_script_output. How do I get this to work?
parser p_cr_syslog {
# Convert the LEVEL field to uppercase.
map-value-pairs(pair("jcnr.header.logLevel", "$(uppercase $LEVEL)"));
map-value-pairs(pair("jc.header.custom_script_output",
"$(script("/path/to/script.sh"))"));
syslog-parser(flags(syslog-protocol) template("${MESSAGE}"));
map-value-pairs(
pair("jc.header.nodeName", "$HOST")
pair("jc.header.eventDateTime", "$R_ISODATE")
pair("jc.header.notificationType", "$MSGID")
pair("jc.body", "$MSG")
pair("jc.header.program", "$PROGRAM")
);
# Log the output of the script.
action {
file {
path "/var/log/syslog";
message "$jc.header.custom_script_output";
}
}
}
Thanks in advance.
--
Regards,
Faisal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20230921/7656db12/attachment.htm>
More information about the syslog-ng
mailing list