Per Jessen wrote:
Anyway, how would you write the following syslog-ng filter for rsyslogd:
filter per2 { facility(mail) and match("relay=virtual.*status=sent"); };
I've come up with this sofar, which will probably be fine, but it's not exactly the same:
if ($syslogfacility-text=='mail') and \ ($msg contains 'relay=virtual') and ($msg contains 'status=sent')
Just in case anyone is wondering - the above works. I had a little trouble getting the right timestamp format, but I got that sorted out too. I would still be interested to know how one can combine property filters? Also, I guess the hyphen before a log filename is to allow buffering (isn''t that how to old syslog did it?), but it's not mentioned in the man page. -- Per Jessen, Zürich (8.9°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org