I am trying to get an alert on mail when someone changes the syslog IP, i am using below config,
if $raw_event =~ /Syslog Server IP was changed from/
exec_async("/bin/sh", "-c", 'echo "' + $Hostname +
'"|/usr/bin/mailx -a "Content-Type: text/plain; charset=UTF-8" -s "ALERT" ' +
everytime when i see "Syslog Server IP was changed from" on log file i am getting "RROR subprocess 'xxxxx' returned a non-zero exit value of 1" on nxlog log file.
i am on CentOS 7 .... can anyone help..