The syslog-ng 3.0 Administrator GuideDocument version: Tenth
|
 |
The syslog-ng 3.0 Administrator GuideDocument version: Tenth
|
|
The filters and default macros of syslog-ng work well on the headers and metainformation of the log messages, but are rather limited when processing the content of the messages. Parsers can segment the content of the messages into name-value pairs, and these names can be used as user-defined macros. Subsequent filtering or other type of processing of the message can use these custom macros to refer to parts of the message.
Parsers are global objects most often used together with filters and rewrite rules. For details on using parsers, see Section 3.8, “Parsing messages” and Section 8.6, “Message parsers”.
© 2007-2008 BalaBit IT Security
Please send your comments or documentation bugs to: documentation@balabit.com