Ivan via rsyslog
2018-08-30 05:27:23 UTC
Hello Everyone,
Today, I've spent a few hours for learning how to configuring rsyslog.
The goal is to read from /var/log/message and if a specific string which contains *some text* was added than send this full string to *remote host* via UDP protocol.
I've tried to add different combination of following to /etc/rsyslog.conf, but haven't succeeded:
:msg, contains, "some text", action(type=msg target="host" port="1514" protocol="udp")
I'm using rhel 7.4 if it's important.
I would appreciate if someone could give an example of right code.
Thanks in advance!
Regards,
Ivan
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Today, I've spent a few hours for learning how to configuring rsyslog.
The goal is to read from /var/log/message and if a specific string which contains *some text* was added than send this full string to *remote host* via UDP protocol.
I've tried to add different combination of following to /etc/rsyslog.conf, but haven't succeeded:
:msg, contains, "some text", action(type=msg target="host" port="1514" protocol="udp")
I'm using rhel 7.4 if it's important.
I would appreciate if someone could give an example of right code.
Thanks in advance!
Regards,
Ivan
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.