Sadly, this is not working...
set $!msg=replace($!msg,"\"","\\\"");
What would be the variable/property to replace source_message within the
following line?
> 2023-03-06T12:30:19+00:00 mycomputer windows/windows: {
> "event_id":"7036","event_number":"23135", "eventlog":"System",
>
What do you expect?
Sent from phone, thus brief.
Tan Mientras via rsyslog schrieb am Mo., 6.
März 2023, 13:27:
> Found
>
> https://github.com/rsyslog/rsyslog-doc/commit/912bc5dcc54966be2cea9890c81414a1e96a94ce
> however it isn't working as expected (or at least how I expect)
>
> On Mon, Mar 6,
IMHO this is a JSON question, not rsyslog. But iirc it is \"
Rainer
Sent from phone, thus brief.
Tan Mientras via rsyslog schrieb am Mo., 6.
März 2023, 12:36:
> Hi
>
> Receiving the following log:
>
> 2023-03-06T12:30:19+00:00 mycomputer windows/windows: {
>
Found
https://github.com/rsyslog/rsyslog-doc/commit/912bc5dcc54966be2cea9890c81414a1e96a94ce
however it isn't working as expected (or at least how I expect)
On Mon, Mar 6, 2023 at 9:00 AM Tan Mientras wrote:
> Is it possible to filter depending on a field that may exists or not in a
> json
Hi
Receiving the following log:
2023-03-06T12:30:19+00:00 mycomputer windows/windows: {
"event_id":"7036","event_number":"23135", "eventlog":"System",
"source":"Service Control Manager", "source_message":"Windows module
instaler entered in state "*stopped*".","category_id":"0","category":"",
Is it possible to filter depending on a field that may exists or not in a
json message?
Something like:
# if property is not set
if ! $!source_app then {
action(...)
}
___
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
6 matches
Mail list logo
