[rsyslog-notify] Forum Thread: New line \n when using imfile - (Mode 'post')

[noreply at adiscon.com]

User: basfo1705 
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26786#p26786

Message: 
----------
HEllo all

Sorry if this is a newbie question but i have been struggling with this for
more than a week.
I have several tomcat servers loging the apps logs locally to a file using
log4j (and i´m not authorized to change that, all i can touch are the
rsyslog configs)
I want to send those logs to a remote server (actually 2, an remote Rsyslog
server and a graylog instance).
I´m using startmsg.regex with a time regex to avoid sending the stack
traces on multiple lines, since i need every error to be a single event.
Without that i had problems where a stacktrace would be like 100 different
messages, and is not useful for graylog.
I configured the imfile module to read those files. The entrys look like
this

input(type="imfile"
      File="/var/log/tomcat7/app/app-errors.log"
      Tag="apperror_prod_1B"
     startmsg.regex="([0-9][0-9]:[0-9][0-9]:[0-9][0-9])"
       Facility="local6")
local6.* @@mygraylogserver:10515;RSYSLOG_SyslogProtocol23Format #only app
errors are sent to graylog, template suggested by graylog docs.
*.* @@myremotersyslogserverl:514 # all syslog messages are sent to the
remote rsyslog server

It works great except that rsyslog is sending the newline characters as
part of the message to both, the remote rsyslog server and to the graylog
instance.

14:27:36 [http-bio-8080-exec-436] ERROR
com.company.work.pizza.v2.pizzaControllerV2 - Error in class
com.company.work.pizza.v2.pizzaControllerV22[b:u6pvqkza]\nj[/b:u6pvqkza]ava.lang.NullPointerException[b:u6pvqkza]\n[/b:u6pvqkza]

i understand that the message contains those lines in the original file and
the new line is defined in the regex string i set up, so basically rsyslog
is sending that as part of the message.
Is there any way to escape those /n  entries using imfile with
startmsg.regex? Maybe a new template?

Thanks for your help!

Rodrigo