Hello, I would like to share experience with normalization of windows event logs with rsyslog and have critique of configuration for the latest syntax directives and supported functions. In response to a previous message regarding the reparse() feature enhancement, there appears to be imminent refactoring of parser modules.
Is it possible to output mmnormalize rulebase to json path and output on template which does not include the msg/userawmsg field? Thank you for any recommendations or examples related to new normalization modules. Kendall Green _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
