Thanks for the help, David and Dan. What I am thinking now is to use the pmsnare module to test if I can extract that field, but my installation of rsyslog does not have it. I use the RPM that the rsyslog team provided on their website. Is there any way to upload a module to my existing rsyslog installation, or do I have to compile it from source?