Hi Avdhoot,
Regular expressions in pipeline rules use the Java syntax, so you need to
double escape backslashes. If you need more information about regexes in Java,
please take a look at the documentation:
https://docs.oracle.com/javase/8/docs/api/java/util/regex/Pattern.html
Hope that helps.
Regards,
Edmundo
> On 10 Aug 2016, at 13:31, Avdhoot Dendge <avdho...@gmail.com> wrote:
>
> I am trying to match message source file with regex in pipeline. but gralog
> text edtor not allowing me to save. what is wroing with belwo rule? check
> attached file for graylog editor error.
>
> rule "test"
> when
> has_field("source")
> then
>
> regex(pattern: "((n|p|e)\d+-c\d+|(bg|cm|nw)\d+)-xyz.abc.com", value:
> $message.source);
>
> end
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Graylog Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to graylog2+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/graylog2/953c98c3-0cd9-438e-9d36-a2919721e67a%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
> <regex.png>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/C160F232-64E4-4D44-ABDB-D621B05D1DB4%40graylog.com.
For more options, visit https://groups.google.com/d/optout.
