responses
Hello,
I have a config that I thought would work, but it does not. I would like to have the syslog service only send specific messages it finds in the log file and ignore all other and not send them to the syslog server. Her is the config I currently have, but it seems to be sending everything. Any help would be great.
<Input watchfile_m_LOGFILENAME>
Module im_file
File 'C:\\logs\\log.log'
Exec $Message = $raw_event;
Exec if $raw_event =~ /has failed/ $SyslogSeverityValue = 3;
Exec if $raw_event =~ /Rx error in packet/ $SyslogSeverityValue = 3;
Exec if $raw_event =~ /LossCounter non zero in packet/ $SyslogSeverityValue = 3;
Exec $SyslogSeverityValue = 6;
Exec if file_name() =~ /.*\\(.*)/ $SourceName = $1;
Thank You,
Yury
Comments (1)
Hello,
What line do I have to add to filter out everything but the specific lines that I already have. I do want those to be sent to our syslog server. I will also remove the line you mentioned.
Thank you.