[rsyslog] Arbitrary string replacements
Ori Bani
oribani at gmail.com
Fri Aug 21 02:38:19 CEST 2009
Hi,
I understand that arbitrary replacements on log messages is not
supported by rsyslog. I found a thread that explains it here:
http://lists.adiscon.net/pipermail/rsyslog/2009-June/002317.html
I'd like to give my vote for adding this feature. I have the same
requirement (or similar) to the OP of that thread. For now, I have to
use syslog-ng, which I understand has recently already implemented
this feature, or if I want to use rsyslog, I have to drop (discard)
the messages that have information that I am not allowed to keep in my
logs (that with IP addreses):
# This discards any message with an IP (ver. 4) address in it
:msg, regex, "[0-9]\.[0-9]\.[0-9]\.[0-9]" ~
More information about the rsyslog
mailing list