<Output outtcp>
Module om_file
File '/var/nxlog/'+$Hostname+'.log'
Exec if ($Message =~ /MCP limit exceeded/) drop();
</Output>I found an example that has simple singular entries if($Message =~ /failed/ or $Message =~ /error/) drop();But have not for the life of me figured out how to handle something like this
if($Message =~ /MCP limit exceeded/ or $Message =~ /(root) CMD (/usr/lib64/sa/sa1 1 1)/) drop();
I get invalid character errors and nothing works. I've tried escaping the parenthesis and slashes but nothing seems to work.
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access Free app hosting. Or install the open source package on any LAMP server. Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native! http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________ nxlog-ce-users mailing list nxlog-ce-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
