I'm running rsyslog 8.2012.0 for the following.
The following regex and message works fine for all regex flavors on
regex101.com, but when using as an ERE template, the rsyslog regex test
page at https://www.rsyslog.com/regex/ won't accept what I've entered as a
valid regex and rsyslog fails as well.
The regex I'm using is:
AgentLogFile=([^\s]+)[\s]
And the tab-delimited, tag/value message is:
<13>Feb 13 21:43:17 wintest AgentDevice=WindowsLog AgentLogFile=System
PluginVersion=1.0 Source=Source Computer=wintest
OriginatingComputer=192.168.1.1 User= Domain= EventID=1234 EventIDCode=1234
EventType=2 EventCategory=1 RecordNumber=12345 TimeGenerated=1613270597998
TimeWritten=1613270597998 Level=WARNING Keywords=Warning Task=0 Opcode=Info
Message=
No matter what variation I've tried, the regex checker web page an rsyslog
return a result of:
**NO MATCH**
Any help would be deeply appreciated
rob
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
The following regex and message works fine for all regex flavors on
regex101.com, but when using as an ERE template, the rsyslog regex test
page at https://www.rsyslog.com/regex/ won't accept what I've entered as a
valid regex and rsyslog fails as well.
The regex I'm using is:
AgentLogFile=([^\s]+)[\s]
And the tab-delimited, tag/value message is:
<13>Feb 13 21:43:17 wintest AgentDevice=WindowsLog AgentLogFile=System
PluginVersion=1.0 Source=Source Computer=wintest
OriginatingComputer=192.168.1.1 User= Domain= EventID=1234 EventIDCode=1234
EventType=2 EventCategory=1 RecordNumber=12345 TimeGenerated=1613270597998
TimeWritten=1613270597998 Level=WARNING Keywords=Warning Task=0 Opcode=Info
Message=
No matter what variation I've tried, the regex checker web page an rsyslog
return a result of:
**NO MATCH**
Any help would be deeply appreciated
rob
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.