Try:

  set $!data!foo = $programname;

As far as I know, rainerscript can't inject variables/properties into string 
literals directly; so if you really want to use string concatenation do this:

  set $!data!foo = "this_might_work_better_" & $programname;

If you want to get any more complex than that, you can use a template and exec 
it:

  template(name="s_my_programname" type="string" string="%$programname%")
  set $!data!foo = exec_template("s_my_hostname");

(but you could make the template much more complex, such as stringing multiple 
things together, adding delimiters, etc.)

Hope one of these helps,

--
Dave Caplinger
Director, Technical Product Management

On Dec 1, 2016, at 8:28 AM, mosto...@gmail.com<mailto:mosto...@gmail.com> wrote:

After meal, as usually happens, those quotes sparkled. Doesn't rsyslog
conf grammar allows that neither?

/(eg: set $!data!foo="this_doesnt_seem_to_work_$programname";)/



El 01/12/16 a las 14:57, mosto...@gmail.com<mailto:mosto...@gmail.com> escribió:

This worked, but I have lost 2 hours and still don't see where's the evil.

Works:

   module(load="omrelp")
   ruleset(name="relp") {
       set $!data!group=field($programname,47,1);
       set $!data!msg=$msg;
       action(
           action.reportSuspension="on"
           action.resumeRetryCount="-1"
           port="20514"
           queue.maxdiskspace="5M"
           queue.SaveOnShutdown="on"
           queue.type="LinkedList"
           target="server"
           template="RSYSLOG_DebugFormat"
           type="omrelp"
       )
   }

Doesn't work

   module(load="omrelp")
   ruleset(name="relp") {
       set $!data!foo="$programname"; <----------------just added
   this! (Line 17)
       set $!data!group=field($programname,47,1);
       set $!data!msg=$msg;
       action(
           action.reportSuspension="on"
           action.resumeRetryCount="-1"
           port="20514"
           queue.maxdiskspace="5M"
           queue.SaveOnShutdown="on"
           queue.type="LinkedList"
           target="server"
           template="RSYSLOG_DebugFormat"
           type="omrelp"
       )
   }

Rsyslog complains with:

rsyslogd: error during parsing file /etc/rsyslog.conf, on or before
line 17: invalid character '"' in expression - is there an invalid
escape sequence somewhere? [v8.23.0 try http://www.rsyslog.com/e/2207 ]


El 01/12/16 a las 11:14, Rainer Gerhards escribió:
maybe the complete debug log would also help (not sure).
Rainer

2016-12-01 11:12 GMT+01:00 David Lang<da...@lang.hm<mailto:da...@lang.hm>>:
no, we need to see the contents of programname (the RSYSLOG_DebugFormat will
show this.

David Lang
k

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Followhttps://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Followhttps://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.


_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.

Confidentiality Notice: The content of this communication, along with any 
attachments, is covered by federal and state law governing electronic 
communications and may contain confidential and legally privileged information. 
If the reader of this message is not the intended recipient, you are hereby 
notified that any dissemination, distribution, use or copying of the 
information contained herein is strictly prohibited. If you have received this 
communication in error, please immediately contact us by telephone at 
402.361.3000 or e-mail secur...@solutionary.com.

Copyright 2000-2016 NTT Security (US) Inc., a wholly-owned subsidiary of NTT 
Group. All rights reserved. ActiveGuard and Solutionary are registered 
trademarks and NTT Security is a trademark of NTT Security (US) Inc. 
Solutionary, the ActiveGuard logo icon, and the Solutionary logo icon are 
registered service marks of NTT Security (US) Inc.




Confidentiality Notice: The content of this communication, along with any 
attachments, is covered by federal and state law governing electronic 
communications and may contain confidential and legally privileged information. 
If the reader of this message is not the intended recipient, you are hereby 
notified that any dissemination, distribution, use or copying of the 
information contained herein is strictly prohibited. If you have received this 
communication in error, please immediately contact us by telephone at 
402.361.3000 or e-mail secur...@solutionary.com.

Copyright 2000-2016 NTT Security (US) Inc., a wholly-owned subsidiary of NTT 
Group. All rights reserved. ActiveGuard and Solutionary are registered 
trademarks and NTT Security is a trademark of NTT Security (US) Inc. 
Solutionary, the ActiveGuard logo icon, and the Solutionary logo icon are 
registered service marks of NTT Security (US) Inc.

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.

Reply via email to