Hi there,
I have an rsyslog server that ingests logs from across our network.
One of the log sources is our wireless infrastructure and we have 29
different controllers. I have a rule that looks like this but with 29
"$fromhost-ip" conditions:
if ($fromhost-ip == '10.1.1.100' or $fromhost-ip == '10.1.2.100') then {
action(type="omfile" file="/syslog/foo.log" template="OnlyMsg")
& stop
}
Running 'rsyslog -N1' passes and there are no errors or warnings in
the syslog but it never actually writes to the output file and it does
have permission to write to that directory. But if I reduce the rule
to only be one IP, it works just fine.
Is there a limit on the number of conditions you can have in one rule
or is there a better way to do this?
Thanks!
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
