asked on

regex error

Hello,
I want to log all rysylog I configure and everything is fine.
I create a new template that is:
template(name="stdSQLformat" type="string" option.sql="on" string="insert into SystemEvents (Message, Message2, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%','%msg:R,ERE,0,DFLT,1:([0-9]+\.){3}[0-9]+[:]?([0-9]+)?"--end%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')")
but when I run rsyslog I get:
error during parsing file /etc/rsyslog.d/mysql.conf, on or before line 8: invalid character '"' in object definit
I know that the problem is with
%msg:R,ERE,0,DFLT,1:([0-9]+\.){3}[0-9]+[:]?([0-9]+)?"--end%
but I don't understand what I have to do !
thanks.

noci

if " is the error in here:
%msg:R,ERE,0,DFLT,1:([0-9]+\.){3}[0-9]+[:]?([0-9]+)?"--end%

then try:
%msg:R,ERE,0,DFLT,1:([0-9]+\.){3}[0-9]+[:]?([0-9]+)?\"--end%
(use an escaped ")

or:
%msg:R,ERE,0,DFLT,1:([0-9]+\.){3}[0-9]+[:]?([0-9]+)?--end%
ignore ".

Amin El-Zein

ASKER

Hello,
its not working in any case !

ASKER CERTIFIED SOLUTION

noci

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Amin El-Zein

ASKER

noci you perfect I notice that before one hour of your notice :)
I am trying somting with regex and I will back to you ..
hope if you can help me with this : https://www.experts-exchange.com/questions/29169699/regex-syntax.html ;)
many thanks for your support.