Hi @ll,
Could someone please give me a hint on how to work this out?
I want to set up filtering for log messages where sender and subject
contain similar strings, and body text contains (non-) capitalized
lowercase phrases like "scan dropped" and "Attack Dropped".
The use of [] and "|" isn't all that clear to me, and wildcards
combined with "regular expressions" enabled isn't doing the trick
either...
This set:
log-fw Sender Yes
alert|Alert Subject Yes
[?can ?ropped]|[?ttack ?ropped]
Text Yes
...isn't hitting any msg,
Anyone? TIA!
--
Happy flappin'!
Corne' (aka Cory, The Batdmin)
________________________________________________
Current version is 3.0.1.33 | 'Using TBUDL' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
