Back to your phpLogCon instanceHi:
I am processing my own logfile and then write out to a target file. That part seems to work ok. I am using following template conditional property replacement
$template Testlog,"%msg%\n"
if $syslogfacility-text == 'local5' and $syslogtag == 'msglog:' and not ($msg contains 'ENDOFFILE') then /var/log/testlog.1;Testlog
I am having problem with regex working correctly in the database insert template:
I created a template for recording a logfile msg to mysql. The template is:
template dbFormat,"insert into SystemEvents (Message,Facility, Priority, DeviceReportedTime,RecievedAt, InfoUnitID,SysLogTag) values('%msg:R,ERE,0,FIELD:[^$][^ENDOFFILE]*--end%', %syslogfacility%, '%HOSTNAME%','%syslogpriority%, '%timereported:::data-mysql%','%timegenerated:::date-mysql%',%iut%,'%syslogtag%')",sql
I also enabled imfile module. I trying to match '$$$$ ENDOFFILE' string from msg and not inserted into database if match is found otherwise I want to print the field as is. I checked the regex syntax with the property replacer tool. It seem to do what I want. But when i try to run it from the mysql.conf file, the regex works sometimes and other times it does not. What should I look for?
regex tool and regex in property extractor inconsistencies
Moderator: rgerhards
5 posts • Page 1 of 1
Professional Services Information
- Custom written rsyslog.conf?
- Maintenance Contract?
- Installation support?
Re: regex tool and regex in property extractor inconsistencies
by rgerhards » Fri Dec 19, 2008 9:39 am
Hi,
this sounds wrong:
[^ENDOFFILE]
As of my understanding, this matches any character that is not D,E,F,I,... not the string "ENDOFFILE". Thus you probably get results that look rather random.
HTH
Rainer
this sounds wrong:
[^ENDOFFILE]
As of my understanding, this matches any character that is not D,E,F,I,... not the string "ENDOFFILE". Thus you probably get results that look rather random.
HTH
Rainer
-
rgerhards - Site Admin
- Posts: 2647
- Joined: Thu Feb 13, 2003 11:57 am
Re: regex tool and regex in property extractor inconsistencies
by alex_o » Mon Dec 22, 2008 9:42 pm
Do you care to make suggestion for properly formed regex?
- alex_o
- New
- Posts: 7
- Joined: Thu Dec 18, 2008 4:53 pm
Re: regex tool and regex in property extractor inconsistencies
by hkspvt » Tue Dec 30, 2008 5:50 pm
alex_o wrote:Do you care to make suggestion for properly formed regex?
I'm not clear on exactly what you're trying to accomplish. You're already filtering out messages that contain ENDOFFILE, so why try to do that again in the template?
If you can clarify the purpose of this regex, someone should be able to help you out.
-HKS
- hkspvt
- Frequent Poster
- Posts: 125
- Joined: Thu Jun 26, 2008 6:31 pm
Re: regex tool and regex in property extractor inconsistencies
by alex_o » Wed Dec 31, 2008 8:15 pm
hkspvt wrote:alex_o wrote:Do you care to make suggestion for properly formed regex?
I'm not clear on exactly what you're trying to accomplish. You're already filtering out messages that contain ENDOFFILE, so why try to do that again in the template?
If you can clarify the purpose of this regex, someone should be able to help you out.
-HKS
I am filtering out "ENDOFFILE" while logging to a text file. You can see that in my conditional filter statement. I am also writting messages to MySQL and wish to do the same
- alex_o
- New
- Posts: 7
- Joined: Thu Dec 18, 2008 4:53 pm
Google Ads
5 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests
