How to use if else condition in rsyslog on RHEL6?
Issue
-
How to use if else in rsyslog where any authpriv message from local host contains "SecurityLog" word then do something ... ?
-
rsyslog is giving below errors while restarting the rsyslog service.
rsyslogd: the last error occured in /etc/rsyslog.d/security.conf, line 40:"if $msg contains 'SecurityLog' then "
rsyslogd: warning: selector line without actions will be discarded
rsyslogd-3000: unknown facility name "action(authpriv" [try http://www.rsyslog.com/e/3000 ]
Environment
- Red Hat Enterprise Linux (RHEL) 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.