I'm trying to dump all logs with INFO like the one below:

2016-06-27 15:25:01 SOME_WINDOWS_SERVER INFO 5857 NT AUTHORITY\LOCAL SERVICE
WmiPerfInst provider started with result code 0x0. HostProcess = wmiprvse.exe;
ProcessID = 7328; ProviderPath= C:\Windows\system32\wbem\WmiPerfInst.dll

I had put the following in my patternsdb.xml file, but it's not catching, so I
know that Facility is not correct. I just don't know what I need to match INFO
and drop that log entry.

Patternsdb.xml snippet:
<pattern>
  <id>16</id>
  <name>INFO</name>
  <matchfield>
    <name>Facility</name>
    <value>INFO</value>
  </matchfield>
  <exec>drop();</exec>
</pattern>

Respectfully,
Ward P Fontenot
_______________________________________________
nxlog-ce-users mailing list
nxlog-ce-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users