Request trial
Request Trial
Ask questions. Get answers. Find technical product solutions from passionate experts in the NXLog community.
is it possible to negate a match using pm_match? (nxlog ce version for now)
I am trying to us pm_pattern to filter messages that are approved for a 'limited' feed, and still have the full feed go to the admin feed. I have set up the config to send the input to two feeds, that works fine. I've then tried to use pm_pattern to match certain strings and DROP them from the restricted feed. So far no luck. I'm sure I'm missing something really simple here, and would really appreciate if anyone had the time to check the configs for me... in nxlog.conf (edited for brevity)... Module pm_pattern PatternFile "/data/conf/nxlog-patternmatch.yaml" Module om_http URL https:// destination string #Batchmode none HTTPSAllowUntrusted TRUE HTTPSCADir /etc/ssl/certs/ HTTPSCertFile /etc/ssl/certs/ca-certificates.crt Exec if defined $PatternID drop(); Path client2001 => client_filter => out2001,client-test and this is the patternmatch yaml (some matchfields removed)... 2021-06-03 01:02:03 1 <group> <name>Client</name> <pattern> <id>1</id> <name>client input</name> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>rsyslogd</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>NetworkManager</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>Systemd</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>dnf</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>dbus</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>chrony</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>CRON</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>motd</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>snapd</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>promtail</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>nxlog</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>kernel</value> </matchfield> <matchfield> <Name>raw_event</Name> <type>regexp</type> <value>loki</value> </matchfield> </pattern> </group>

wallet created
nxlog | pattern match | pm_match

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS