On 08/13/2011 09:28 PM, John P. Rouillard wrote:
In messagealpine.deb.2.02.1108130922050.6...@asgard.lang.hm,
da...@lang.hm writes:
SEC works just fine reading from named pipe or stdin from a socket. I have
this working with rsyslog with the only problem being that when I want to
change the
SEC works just fine reading from named pipe or stdin from a socket. I have
this working with rsyslog with the only problem being that when I want to
change the SEC rules, it involves a restart of rsyslog.
David Lang
On Sat, 13 Aug 2011, Jean Baptiste Favre wrote:
- second is: in order to
In message alpine.deb.2.02.1108130922050.6...@asgard.lang.hm,
da...@lang.hm writes:
SEC works just fine reading from named pipe or stdin from a socket. I have
this working with rsyslog with the only problem being that when I want to
change the SEC rules, it involves a restart of rsyslog.
Hmm,
Hello David,
Thanks for your answer.
Could it be possible to get a sample configuration example ? I have some
problems to exactly figure out how it could work.
From what you said, it seems that socket is owned by sec and rsyslog
write to it, which could explain why you have to restart rsyslog
On Sat, 13 Aug 2011, John P. Rouillard wrote:
In message alpine.deb.2.02.1108130922050.6...@asgard.lang.hm,
da...@lang.hm writes:
SEC works just fine reading from named pipe or stdin from a socket. I have
this working with rsyslog with the only problem being that when I want to
change the
hi Jean Baptiste,
you might try the following rule:
type=EventGroup
ptype=regexp
pattern= (\d)[0-9]{2} \d+
count=lcall %ret $1 - ( sub { ++$req; if ($_[0] == 2) { ++$req2; } } );
desc=Count HTTP request response codes
action=none
init=lcall %ret - ( sub { $req = 0; $req2 = 0; } )
end=lcall %ret
Hello,
I need to count event number and report it every minutes.
I'm looking for a more elegant and powerfull way (I have to analyze 3000
req/s) to do it than what I found already (see bellow).
I saw http://sourceforge.net/mailarchive/message.php?msg_id=27274908 but
can't figure out if this can
