I have multiple incoming messages that I want to filter on the contents of the message containing an IP address (not a fromhost-ip, etc.)
As a result this forces me to have to search the actual $msg itself using either regex or contains... with that being said, is it more efficient for me to re_match a multitude of IP addresses OR'ing them together, or would the following actually work? if ($msg contains ["IP1","IP2","IP3"....]) then stop _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
