Solutions

Trying to make syslog filter

Modified on 2025-06-10 16:55:13 +0200

Hello guys, I am trying to make a custom filter that receives message with subtype="anomaly", I have the following message:

date=2022-10-20 time=17:37:22 devname="XXXXXXX" devid="XXXXXXX" logid="0000000013" type="traffic" subtype="anomaly" level="notice" etc...

and I have the following filter:

message[subtype="anomaly"]

However, it is not filtering these types of messages. What I am doing wrong in the syntax?

Thanks for your help! Regards, Cézar

Article Comments

Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.

Cezar,

Would it be possible to open a support ticket so we can get some screenshots?

Benjamin Day
[Paessler Support]

Oct, 2022 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

Trying to make syslog filter

Article CommentsAttention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.

Search

Attention

Related Articles

Article Comments

Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.