Hi,

how is it possible to structure syslog sensor filters when we need to combine and with or: severity[0-6] AND source[10.133.14/255] OR source[172.16.0/255]

In that example I would like to have the include filter for severity 0-6 and the source ip of the switch shell be 10.13.14.x or 172.16.0.x.

Would that expression also work outside the local probe device? Can there be another local probe device within another structure (we have a separation between office/production and network devices within the local probe.

Best Regards,

Joachim

Article Comments

Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.

It'll work on all Syslog Receiver Sensors. There can only be one Probe Device per Probe (Local Probes and Remote Probes). The filter could use a slight modification:

(severity[0-6] AND (source[10.133.14/255] OR source[172.16.0/255]))

PRTGapi | Feature Requests | WMI Issues | SNMP Issues

Kind regards,
Stephan Linke, Tech Support Team


Mar, 2019 - Permalink