[rsyslog-notify] Forum Thread: Re: Filtering on Multiple Network Device Types Does Not Work - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Thu Dec 31 05:45:30 CET 2015
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26259#p26259
Message:
----------
you are not understanding how the logs are parsed into different variables.
grepping through the output that combines multple variables together into
one line doesn't say that looking for that same text in only one variable
is going to find it.
write the logs with the template RSYSLOG_DebugFormat and look at what is in
programname vs what is in msg. I'll bet that the majority of things you are
looking for are in programname, not msg
David Lang
More information about the rsyslog-notify
mailing list