Hello everybody, Actually, I am using rsyslog to collect windows events and I would like to know if is it possible to capture and reuse the sub matching regular expression ?
I have wrote some templates to record the events in a data base. But, I am forced to use expressions likes : %msg:F,58:2%. That not enough to split the field. My aim is to use regular expression to explode the "msg" field in N fields and use them. In this way, I will be able to write a template like : $template EVT,"insert into table (field1, field2, field3) values (%msg <Submatch 1>%,%msg <Submatch 2>%,%msg <Submatch 3>%),SQL Maybe someone faced this trouble ? Thanks a lot for your help. Mathieu. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
