On Mon, Jul 11, 2016 at 11:28 AM, Jason Haar <[email protected]> wrote:
> If I take the regex I wrote in this rule (as per first email), replace > '\\' with '\', then the regex works fine via egrep. It's a simple "when, do > this" type statement: I can't see what's gone wrong in it > Oh - and thanks to your comment about the regex needing to match the entire line, I put ".*" at the beginning and end - but it made no difference. Still no Cisco syslog messages (as above) match -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFChrgJZng%2Bzc-iZ%2Bv73%2Bd8Q6YatVATaDtj2R%3Dd7sR9iXZfbHQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
