I am currently filtering firewall connection events. The Source IP (sort
-u) of those events is extracted and saved in a log-file (so once in a
while another IP is added).
I would like to check if another connection event contains one of those
unique IP-Adresses.
Is this doable with rsyslog or should I write a shell script to change
the rsyslog-config whenever "SRC_IP.log" was edited?
Happy New Year and best regards
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
-u) of those events is extracted and saved in a log-file (so once in a
while another IP is added).
I would like to check if another connection event contains one of those
unique IP-Adresses.
Is this doable with rsyslog or should I write a shell script to change
the rsyslog-config whenever "SRC_IP.log" was edited?
Happy New Year and best regards
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.