> I have multiple devices sending logs to a central logging server and these
> all sends logs in a somewhat different way, therefore I have different sets
> of filters for each of these devices. The idea I had was to set variables
> at the top of the configuration with the IP addresses for these devices and
> then have a ruleset that would compare the source IP address of the message
> and apply these rules under if statement blocks. Something like this:
>
> $.dev1IP = 192.168.1.1;
> $.dev2IP = 192.168.1.2;
> $.dev3IP = 192.168.1.3;
>
> $.sourceIP = $fromhost-ip;
>
> if ($.sourceIP == $.dev1IP) then {
> do something
> } else if ($.sourceIP == $.dev2IP) then {
> do something
> } else if ($.sourceIP == $.dev3IP) then {
> do something
> } else {
> do something if nothing else matches
> }
>
> The issue is that the above is currently not working.
What does "not working" mean precisely? Is there an error message? Is
the result other than expected?
Rainer
> Am I using the wrong
> comparator? I tried using "isequal" but that didn't work either. Can I even
> do what I'm trying to do? What really confuses me is that I tried doing the
> values themselves in the if statement, but that didn't work either.
>
> Thanks,
> ABB
> _______________________________________________
> rsyslog mailing list
> https://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/
> What's up with rsyslog? Follow https://twitter.com/rgerhards
> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
> sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
> LIKE THAT.
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
