Hi, I configured a rule in SEC that is fed by rsyslog. Everything is
fine, but I am stuck in the dumbest way: the mail sending.

here is my rule:

type=PairWithWindow
ptype=RegExp
pattern=([^\ ]*\ ){2}((\S+):)\W\3\Wnew\W\w+\W+\ \w+
desc=No cancellation event for $3 after 10 minutes
action=pipe '%s' mail -s '%s' somem...@somedomain.com
ptype2=RegExp
pattern2=([^\ ]*\ ){2}((\S+):)\W\3\Wcancelled\W\w+\W+\ \w+
desc2=event for $3 was cancelled
action2=logonly
window=600

Everything works fine; SEC even reports that it sends the mail. Here is the SEC
log:

Wed Dec 28 14:14:40 2016: Feeding event 'No cancellation event for SOMESERVER after 10 minutes' to shell command 'mail -s 'No cancellation event for SOMESERVER after 10 minutes' somem...@someserver.com'
Wed Dec 28 14:14:40 2016: Child 5513 created for command 'mail -s 'No cancellation event for SOMESERVER after 10 minutes' somem...@someserver.com'

From the command line I run the mail command and it sends. I don't know what I am
doing wrong; any hint is welcome!

-- 

                  ::: (\(\
                  *: (=' :') :*
                  ... (,('')('')....
          mar...@etcheverri.com
          Consultoria de sistemas