SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Excldue multiple strings from syslog messages

    Posted 03-15-2016 13:35

    I'd like to exclude multiple strings from syslog messages. I know how to do this for a single string:

     

     

    user@SRX_FW# show system syslog host 10.1.0.40
    any notice;
    match "!(.*WEBFILTER_URL_BLOCKED.*)";

    My question is how do I format the syntax to ignore multiple strings? The syntaxes that logically made sense to me returned this error: repetition-operator operand invalid at '!(.*WEBFILTER_URL_BLOCKED.*|*RT_SCREEN_IP: IP spoofing*)'

     

    Thanks,

     

    Matthew

     


    #syslog
    #SRX
    #log
    #logging


  • 2.  RE: Excldue multiple strings from syslog messages
    Best Answer

     
    Posted 03-15-2016 14:23

    At a guess try:

    match "!(.*foo.*)|!(.*bar.*)";

    Sorry if it's wrong, it's just a guess.

     

    Regards,

    Andy